ASP.NET requirements for ClaimTypes
我正在研究在ASP.NET(MVC Core 1.0)中使用基于声明的授权。设置
1 2 3 4 5 6 | List<Claim> claims = new List<Claim> { new Claim("UserID", user.ID), new Claim("Name", user.Name), new Claim("Role","basic") }; |
我的理解是,我可以使用任何想要的键/值。但是我注意到通过
1 2 3 4 5 6 | List<Claim> claims = new List<Claim> { new Claim(ClaimTypes.Sid, user.ID), new Claim(ClaimTypes.Name, user.Name), new Claim(ClaimTypes.Role,"basic") }; |
问题:
如果我使用预定义的键,关于分配给每个键的实际值是否有任何规则/限制,或者是由应用程序定义的?例如,是否可以将数据库主键粘贴在
是否需要任何
任何与使用特定键/值有关的要求和/或最佳实践的链接都将受到赞赏。
If I use the pre-defined keys, are there any rules/restrictions
regarding the actual values assigned to each key, or is it application
defined? For example, is it OK to stick a database primary key in
ClaimTypes.Sid, or does ASP.NET have certain expectations of what
ClaimTypes.Sid should contain?
如果得到的
Are there any ClaimTypes that are required, or is it completely up to
the application to decide what to include or not include? I imagine
the answer may depend on specific third-party authentication services
I would interact with, but how about the simple case of a
self-contained ASP.NET project that does not use any third-party
authentication. Does ASP.NET itself have any requirements?
假设没有第三方,您可以决定什么是必需的,什么不是必需的。请记住,如果您将声明存储在Cookie(不是第三方来源)中,则空间会有所限制; Cookie的总数不能超过4096个字节。
到目前为止,我在这里找到关于ASP.NET Core声明身份验证的最佳文章。到发布时,我们仍在RC1中,因此某些详细信息可能会在最终版本之前更改。
If I use the pre-defined keys, are there any rules/restrictions regarding the actual values assigned to each key, or is it application defined? For example, is it OK to stick a database primary key in ClaimTypes.Sid, or does ASP.NET have certain expectations of what ClaimTypes.Sid should contain?
基本上没有规则限制,但是它取决于令牌的使用者。默认情况下,Asp.Net Identity期望用户名为
话虽如此,如果您使用自定义声明类型,则在配置Asp.Net Identity时需要在
在