I have been trying to read "between the lines" to understand the original (and/or current) motivation of the NetSqlAzMan project.
Was it written to be:
- An adapter for Windows Authorization Manager (AzMan). The methods in NetSqlAzMan just pass the calls through to (Windows Authorization Manager (AzMan)), but maybe with a better/cleaner approach?
- A replacement for (Windows Authorization Manager (AzMan)), where the features available in (Windows Authorization Manager (AzMan)) (most or all of them) are recreated in NetSqlAzMan, but the code was developed independently. (Maybe to provide DotNet 4.0 support??) (Maybe to remove any COM dependencies)
- Something that provides more features than the supplied (Windows Authorization Manager (AzMan)). Aka, a "smarter"/"better" version of (Windows Authorization Manager (AzMan)).
- A rewrite, while keeping a half-dead project alive through open source. (As in, maybe (Windows Authorization Manager (AzMan)) is a project that Microsoft has killed or abandoned).
- Other?
I like NetSqlAzMan's object model. But I need to defend any decision to use it to my project manager and the other developers. As far as the security I want goes, the object model seems "just right" (think Goldilocks and the middle bed). I don't want to do role-based security. I want permission (or task or right) based security.
(See: http://lostechies.com/derickbailey/2011/05/24/dont-do-role-based-authorization-checks-do-activity-based-checks/ and http://granadacoder.wordpress.com/2010/12/01/rant-hard-coded-security-roles/)
Basically, the question that comes up is: "What is the advantage of using NetSqlAzMan instead of (Windows Authorization Manager (AzMan))?"
A sub-question is "Is Windows Authorization Manager (AzMan) dead?". (And something along the lines of Long live NetSqlAzMan!).
My general requirements are:
- Non-Active Directory users. (Active Directory and/or LDAP support later would be nice, but is not required).
- Passwords not stored as plain text.
- Ability to handle permissions for the security checks.
- Group permissions under any role.
- Assign roles to users. (But when performing an operation, the code checks the permission, not the role.)
- Allow (sometimes) assigning a permission to a user.
- With deny override. (Aka, a user who does stupid things (like "Delete Employee") can have that right revoked.)
- Can maintain roles and permissions for multiple applications.
So other ideas are welcome. But Windows Identity Foundation seems like overkill.
Thanks.
Last night I finally found a "comparison" article.
http://www.c-sharpcorner.com/uploadfile/a.ferendeles/netsqlazman12122006123316pm/netsqlazman.aspx
I'll paste the relevant part here (below). (In case that site ceases to exist in the future. I know, unlikely, but I hate "the answer is here" links that turn out to be dead when you click on them.)
As far as I can tell:
NetSqlAzMan provides a (table) user-defined function that you can overload to provide the list of users (assigned to roles/tasks). NetSqlAzMan provides not only the "yes you can" mapping (Grant), but also Deny and Grant With Delegate. NetSqlAzMan and AzMan both allow user (group) to role mapping. Only NetSqlAzMan allows user to task mapping.
After looking at a few samples... NetSqlAzMan's object model is very clean.
==============================================
MS Authorization Manager (AzMan) vs .NET Sql Authorization Manager (NetSqlAzMan)
As already mentioned, a similar Microsoft product already exists and is called Authorization Manager (AzMan); AzMan is present, by default, in Windows Server 2003 and, through the Administration Pack setup, in Windows XP.
The important difference between AzMan and NetSqlAzMan is that the first is role-based, that is, based on the concept of belonging to a Role and on Operation containers within each Role, whereas the second is Item-based (or Operation-based, if you prefer), that is, a user or group can or cannot belong to a Role, or perform a given Task and/or Operation (Item).
Below are the most important features and differences between the two products:
MS AzMan:
- It's COM.
- It's equipped with an MMC 2.0 (COM) console.
- Its storage can be an XML file or ADAM (Active Directory Application Mode, an LDAP).
- It's role-based.
- It supports static/dynamic application groups, members/non-members.
- Structure based on Roles -> Tasks -> Operations. (Hierarchical Roles and Tasks, not Operations).
- Authorizations can be added only to Roles.
- It doesn't implement the "delegate" concept.
- It doesn't manage authorizations "in time".
- It doesn't trigger events.
- The only type of authorization is "Allow". (To "deny", the user/group must be removed from the Role).
- It supports Scripting / Biz rules.
- It supports Active Directory users/groups and ADAM users.
NetSqlAzMan:
- It's .NET 2.0.
- It's equipped with an MMC 3.0 (.NET) console.
- Its storage is a Sql Server database (2000/MSDE/2005/Express).
- It's based on Tdo - Typed Data Object technology.
- It's Item-based.
- Structure based on Roles -> Tasks -> Operations. (All of them hierarchical).
- Authorizations can be added to Roles, Tasks and Operations.
- It supports static/dynamic application groups, members/non-members.
- LDAP query testing directly from the console.
- It's time-dependent.
- It's delegate-compliant.
- It triggers events (ENS).
- It supports 4 authorization types:
  - Allow with delegation (authorized and authorized to delegate).
  - Allow (authorized).
  - Deny (not authorized).
  - Neutral (neutral permission, it depends on the higher level Item permission).
- Hierarchical authorizations.
- It supports Scripting / Biz rules (compiled in .NET - C# - VB - and not interpreted).
- It supports Active Directory users/groups and custom users defined in the SQL Server Database.
One more.
AzMan sample code:
http://channel9.msdn.com/forums/sandbox/252978-AzMan-in-the-Enterprise-Sample-Code
http://channel9.msdn.com/forums/sandbox/252973-Programming-AzMan-Sample-Code
```csharp
using System;
using System.Security.Principal;
using System.Runtime.InteropServices;
using AZROLESLib;

namespace TreyResearch
{
    // Operations is the application's own enum of AzMan operation IDs
    // (defined elsewhere in the sample; the integer values must match
    // the operation IDs configured in the AzMan policy store).
    public class AzManHelper : IDisposable
    {
        AzAuthorizationStore store;
        IAzApplication app;
        string appName;

        public AzManHelper(string connectionString, string appName)
        {
            this.appName = appName;
            try
            {
                // load and initialize the AzMan runtime
                store = new AzAuthorizationStore();
                store.Initialize(0, connectionString, null);
                // drill down to our application
                app = store.OpenApplication(appName, null);
            }
            catch (COMException x)
            {
                throw new AzManException("Failed to initialize AzManHelper", x);
            }
            catch (System.IO.FileNotFoundException x)
            {
                throw new AzManException(string.Format("Failed to load AzMan policy from {0} - make sure your connection string is correct.", connectionString), x);
            }
        }

        public void Dispose()
        {
            if (null == app) return;
            Marshal.ReleaseComObject(app);
            Marshal.ReleaseComObject(store);
            app = null;
            store = null;
        }

        public bool AccessCheck(string audit, Operations op,
                                WindowsIdentity clientIdentity)
        {
            try
            {
                // first step is to create an AzMan context for the client
                // this looks at the security identifiers (SIDs) in the user's
                // access token and maps them onto AzMan roles, tasks, and operations
                IAzClientContext ctx = app.InitializeClientContextFromToken(
                    (ulong)clientIdentity.Token.ToInt64(), null);
                // next step is to see if this user is authorized for
                // the requested operation. Note that AccessCheck allows
                // you to check multiple operations at once if you desire
                object[] scopes = { "" };
                object[] operations = { (int)op };
                object[] results = (object[])ctx.AccessCheck(audit, scopes, operations,
                                                             null, null, null, null, null);
                // AccessCheck returns one Win32 error code per operation; 0 means granted
                int result = (int)results[0];
                return 0 == result;
            }
            catch (COMException x)
            {
                throw new AzManException("AccessCheck failed", x);
            }
        }

        public bool AccessCheckWithArg(string audit, Operations op,
                                       WindowsIdentity clientIdentity,
                                       string argName, object argValue)
        {
            try
            {
                // first step is to create an AzMan context for the client
                // this looks at the security identifiers (SIDs) in the user's
                // access token and maps them onto AzMan roles, tasks, and operations
                IAzClientContext ctx = app.InitializeClientContextFromToken(
                    (ulong)clientIdentity.Token.ToInt64(), null);
                // next step is to see if this user is authorized for
                // the requested operation. Note that AccessCheck allows
                // you to check multiple operations at once if you desire
                object[] scopes = { "" };
                object[] operations = { (int)op };
                // named parameters are passed through to the policy's biz rules (scripts)
                object[] argNames = { argName };
                object[] argValues = { argValue };
                object[] results = (object[])ctx.AccessCheck(audit, scopes, operations,
                                                             argNames, argValues,
                                                             null, null, null);
                int result = (int)results[0];
                return 0 == result;
            }
            catch (COMException x)
            {
                throw new AzManException("AccessCheckWithArg failed", x);
            }
        }

        // use this to update a running app
        // after you change the AzMan policy
        public void UpdateCache()
        {
            try
            {
                store.UpdateCache(null);
                Marshal.ReleaseComObject(app);
                app = store.OpenApplication(appName, null);
            }
            catch (COMException x)
            {
                throw new AzManException("UpdateCache failed", x);
            }
        }
    }

    public class AzManException : Exception
    {
        public AzManException(string message, Exception innerException)
            : base(message, innerException)
        {}
    }
}
```
That is the AzMan helper code. It's ugly COM/Interop-ish stuff.
Now check the NetSqlAzMan code sample:
http://netsqlazman.codeplex.com/wikipage?title=Samples
```csharp
using System;
using System.Security.Principal;
using NetSqlAzMan;             // SqlAzManStorage, SqlAzManSID
using NetSqlAzMan.Interfaces;  // IAzManStorage, IAzManStore, IAzManItem, ...

/// <summary>
/// Create a Full Storage through .NET code
/// </summary>
private void CreateFullStorage()
{
    // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Administrators
    // Sql Storage connection string (sample credentials; use a real secret in production)
    string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
    // Create an instance of SqlAzManStorage class
    IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
    // Open Storage Connection
    storage.OpenConnection();
    // Begin a new Transaction
    storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
    // Create a new Store
    IAzManStore newStore = storage.CreateStore("My Store", "Store description");
    // Create a new Basic StoreGroup
    IAzManStoreGroup newStoreGroup = newStore.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), "My Store Group", "Store Group Description", String.Empty, GroupType.Basic);
    // Retrieve current user SID
    IAzManSid mySid = new SqlAzManSID(WindowsIdentity.GetCurrent().User);
    // Add myself as a member of "My Store Group"
    IAzManStoreGroupMember storeGroupMember = newStoreGroup.CreateStoreGroupMember(mySid, WhereDefined.Local, true);
    // Create a new Application
    IAzManApplication newApp = newStore.CreateApplication("New Application", "Application description");
    // Create a new Role
    IAzManItem newRole = newApp.CreateItem("New Role", "Role description", ItemType.Role);
    // Create a new Task
    IAzManItem newTask = newApp.CreateItem("New Task", "Task description", ItemType.Task);
    // Create a new Operation
    IAzManItem newOp = newApp.CreateItem("New Operation", "Operation description", ItemType.Operation);
    // Add "New Operation" as a member of "New Task"
    newTask.AddMember(newOp);
    // Add "New Task" as a member of "New Role"
    newRole.AddMember(newTask);
    // Create an authorization for myself on "New Role" (owner sid, member sid, type)
    IAzManAuthorization auth = newRole.CreateAuthorization(mySid, WhereDefined.Local, mySid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
    // Create a custom attribute on that authorization
    IAzManAttribute<IAzManAuthorization> attr = auth.CreateAttribute("New Key", "New Value");
    // Create an authorization for DB User "Andrea" on "New Role"
    IAzManAuthorization auth2 = newRole.CreateAuthorization(mySid, WhereDefined.Local, storage.GetDBUser("Andrea").CustomSid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
    // Commit transaction
    storage.CommitTransaction();
    // Close connection
    storage.CloseConnection();
}
```
That tells a story by itself.
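The four authorization types and the hierarchical authorizations listed in the comparison above, together with the deny-override requirement from the question, as an added illustrative model; this is not NetSqlAzMan's own API or its exact resolution algorithm, and the item names, SIDs and the "Deny wins, Neutral defers upward, nothing found means denied" rule are assumptions.

```csharp
using System;
using System.Collections.Generic;

// Constructed model (not NetSqlAzMan's classes): items form a Role -> Task -> Operation
// hierarchy and any item can carry an authorization of one of the four types per SID.
enum AuthType { AllowWithDelegation, Allow, Deny, Neutral }

class Item
{
    public string Name;
    public List<Item> Parents = new List<Item>();                                  // hierarchical items
    public Dictionary<string, AuthType> Auths = new Dictionary<string, AuthType>(); // sid -> type
    public Item(string name) { Name = name; }
    public Item AddMember(Item child) { child.Parents.Add(this); return child; }
}

static class ActivityCheck
{
    // Activity-based check: the caller asks "may this SID perform this operation?",
    // never "is the user in role X?". Authorizations set on a Role or Task are
    // inherited by the operations below it. Assumed rule: a Deny anywhere on the
    // path overrides any Allow; Neutral defers to the parent; no match => denied.
    public static bool IsAuthorized(Item op, string sid)
    {
        bool allowed = false;
        var seen = new HashSet<Item>();
        var stack = new Stack<Item>(new[] { op });
        while (stack.Count > 0)
        {
            var item = stack.Pop();
            if (!seen.Add(item)) continue;                       // diamond hierarchies
            if (item.Auths.TryGetValue(sid, out var t))
            {
                if (t == AuthType.Deny) return false;            // deny override
                if (t != AuthType.Neutral) allowed = true;       // Allow / AllowWithDelegation
            }
            foreach (var p in item.Parents) stack.Push(p);      // Neutral or no entry: look higher
        }
        return allowed;
    }
}

static class Demo
{
    static void Main()
    {
        var role = new Item("HR Manager");
        var task = role.AddMember(new Item("Manage Employees"));
        var edit = task.AddMember(new Item("EditEmployee"));
        var del  = task.AddMember(new Item("DeleteEmployee"));
        role.Auths["alice"] = AuthType.Allow;    // granted through the role
        del.Auths["alice"]  = AuthType.Deny;     // the one risky operation revoked
        role.Auths["bob"]   = AuthType.Neutral;  // defers upward, nothing above: denied
        Console.WriteLine(ActivityCheck.IsAuthorized(edit, "alice"));
        Console.WriteLine(ActivityCheck.IsAuthorized(del, "alice"));
        Console.WriteLine(ActivityCheck.IsAuthorized(edit, "bob"));
    }
}
```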
I think the reason for the lack of updates in Microsoft's blogs and SDKs has to do with them having steered all of their tooling and design toward the social network / federation friendly "claims model":
http://msdn.microsoft.com/en-us/magazine/ee335707.aspx
Compared with any AzMan variant, at the lower AzMan Operation level (the one code demands should be decoupled from the other layers) we only have permission-type claims. This new style of Operation is just a URN string / operation name issued by any trusted claims provider/service, validated by a signature that you define (or reconfigure later). They then simply become a flat list of roles in the user identity, so they are easy to check with the common IsInRole method.
The rationale for this is clear. Modern internet solutions (and, once privacy law improves, perhaps some future enterprise intranet applications too) need multi-domain authentication and authorization, for example this StackOverflow.com user account and a connected Facebook account, or any OpenID account you might link.
So for authorization you can now code the rules that map between external claims and internal "permission claims" (similar to AzMan Operations). However, there is no standard format, hierarchy or management tool.
Perhaps a hybrid solution of a claims service (authentication) + AzMan XML/SQL (role-to-claims mapping) + claims permission demands is the way forward. All the samples I have found so far have code in the middle. I'd like to see recursive group membership from Active Directory to roles to tasks to claims (operations), as we already have in AzMan.
More investigation is needed to implement the "good old" but still essential "role-based security" pattern with the new technology...
If you want to get started, look at Microsoft Windows Identity Foundation (WIF), which first appeared in .NET 3.5.1 but has since been integrated into the .NET 4.5 framework.
http://msdn.microsoft.com/en-us/library/hh377151(v=vs.110).aspx
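The role -> task -> operation composition into flat "permission claims" described above, as an added example built on System.Security.Claims (it is not code from the answer, from WIF or from AzMan); the mapping table, the claim type URN and all names are constructed placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Constructed policy (hypothetical, not read from any AzMan store): one membership
// table in which a member may itself have members, giving the recursive
// Role -> Task -> Operation composition. Names without members are operations.
static class PermissionClaims
{
    // Hypothetical claim type for an operation ("permission claim" in the text above).
    public const string OperationClaim = "urn:example:operation";

    static readonly Dictionary<string, string[]> Members = new Dictionary<string, string[]>
    {
        { "HR Manager",       new[] { "Manage Employees", "ViewPayroll" } },
        { "Manage Employees", new[] { "EditEmployee", "DeleteEmployee" } },
        { "Auditor",          new[] { "ViewPayroll" } },
    };

    // Recursively expands a role or task to the operations beneath it.
    static IEnumerable<string> Expand(string item, HashSet<string> seen)
    {
        if (!seen.Add(item)) yield break;                                 // cycle / revisit guard
        if (!Members.TryGetValue(item, out var kids)) { yield return item; yield break; }
        foreach (var k in kids) foreach (var op in Expand(k, seen)) yield return op;
    }

    // Turns the flat role list on an incoming identity into operation claims,
    // the step a ClaimsAuthenticationManager override would perform at sign-in.
    public static ClaimsIdentity AddOperationClaims(ClaimsIdentity id)
    {
        var seen = new HashSet<string>();
        var ops = id.FindAll(ClaimTypes.Role).Select(c => c.Value)
                    .SelectMany(r => Expand(r, seen)).Distinct();
        foreach (var op in ops) id.AddClaim(new Claim(OperationClaim, op));
        return id;
    }

    // The application checks the activity, not the role.
    public static bool Can(ClaimsPrincipal user, string operation) =>
        user.HasClaim(OperationClaim, operation);

    static void Main()
    {
        var id = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, "HR Manager") }, "constructed");
        var user = new ClaimsPrincipal(AddOperationClaims(id));
        Console.WriteLine(Can(user, "DeleteEmployee"));
        Console.WriteLine(Can(user, "ApproveBudget"));
    }
}
```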