如何使用ASP.NET和& ;;管理基于角色的用户权限MSSQL?
问题描述:
i have multiple asp.net web form and sql express database. in web form there are 3 types of action that i wan to control Menu, ADD, DELETE , EDIT.
I wan to create custom User role to specify user rights to manage access control of asp.net c# Application (Menu, ADD,DELETE and EDIT visibility).
What I have tried:
Currently i am try to manage using simple sql reader query on every page for every button and link.
string yes = "1";
if (rdr["access"].ToString() == yes.ToString())
Button1.Visible = true;
答
Microsoft提供了一个完整的示例 - 演练:管理具有角色的网站用户 [ ^ ]
还有一篇关于管理数据库用户的文章 - 管理用户,角色和登录| Microsoft Docs [ ^ ]
对你的评论交叉发布 [ ^ ]也适用于这里
当然还有关于这个主题的Code Project文章...例如
如何管理基于角色的用户权限 [ ^ ]
使用应用程序角色保护数据 [ ^ ]
Microsoft provide a full walk through example - Walkthrough: Managing Web Site Users with Roles[^]
There is also an article on managing users on databases - Managing Users, Roles, and Logins | Microsoft Docs[^]
The comments on your cross post[^] also apply here
Then of course there are Code Project articles on the subject ...e.g.
How to Manage Role Based User Rights[^]
Securing Data With Application Role[^]