?FluorineFx.NET的認(rèn)證(Authentication )與授權(quán)(Authorization)和ASP.NET中的大同小異,核實用戶的身份既為認(rèn)證，授權(quán)則是確定一個用戶是否有某種執(zhí)行權(quán)限，應(yīng)用程序可根據(jù)用戶信息授予和拒絕執(zhí)行。FluorineFx.NET的認(rèn)證和授權(quán)使用.Net Framework基于角色的安全性的支持。

??????比如說我們需要自定義一個認(rèn)證與授權(quán)的方案，指定那些遠(yuǎn)程服務(wù)上的那些方法將要被認(rèn)證或授權(quán)以及授權(quán)用戶角色組等，我們就需要自定義一個LoginCommand并實現(xiàn)ILoginCommand接口或者繼承于FluorineFx.Security.GenericLoginCommand(此類實現(xiàn)了ILoginCommand接口)基類。接口定義如下：

1?namespaceFluorineFx.Security2?{3?publicinterfaceILoginCommand4?{5?IPrincipal?DoAuthentication(stringusername,?Hashtable?credentials);6?boolDoAuthorization(IPrincipal?principal,?IList?roles);7?boolLogout(IPrincipal?principal);8?voidStart();9?voidStop();10?}11?}

??????網(wǎng)關(guān)通過調(diào)用該接口中的方法DoAuthentication()來實現(xiàn)驗證，具體的驗證規(guī)則我們可以自定義(重寫方法的實現(xiàn))。

1?///<summary>2?///自定義?LoginCommand3?///</summary>4?publicclassLoginCommand?:?GenericLoginCommand5?{6?publicoverrideIPrincipal?DoAuthentication(stringusername,?Hashtable?credentials)7?{8?stringpassword?=credentials["password"]?asstring;9?if(username?=="admin"&&password?=="123456")10?{11?//用戶標(biāo)識12?GenericIdentity?identity?=newGenericIdentity(username);13?//角色數(shù)組14?GenericPrincipal?principal?=newGenericPrincipal(identity,?newstring[]?{?"admin",?"privilegeduser"});15?returnprincipal;16?}17?else18?{19?returnnull;20?}21?}22?}

??????如上面代碼塊，檢測用戶是不是屬于"admin"和"privilegeduser"兩個角色組之一，否則則不能通過驗證。要實現(xiàn)授權(quán)則是通過DoAuthorization()方法來實現(xiàn)，我們同樣可以重寫實現(xiàn)以滿足自己的需求。

??????除此之外還需要service-config.xml，指定通過那一個LoginCommand來執(zhí)行認(rèn)證與授權(quán),以及要被授權(quán)的方法和角色組，login-command的class指向自定義的LoginCommand.

<security><security-constraint?id="privileged-users"><auth-method>Login</auth-method><roles><role>admin</role><role>privilegeduser</role></roles></security-constraint><login-command?class="FlexDotNet.ServiceLibrary.Authentication.LoginCommand"server="asp.net"/></security>

??????要使Flex能夠調(diào)用認(rèn)證與授權(quán)，同樣需要提供一個遠(yuǎn)程服務(wù)接口，并為該接口添加RemotingServiceAttribute描述:

1?namespaceFlexDotNet.ServiceLibrary.Authentication2?{3?///<summary>4?///遠(yuǎn)程服務(wù)LoginService5?///</summary>6?[RemotingService]7?publicclassLoginService8?{9?publicLoginService()10?{?}11?12?///<summary>13?///登錄14?///</summary>15?///<returns></returns>16?publicboolLogin(stringuserName,stringpassword)17?{18?if(userName?=="admin"&&password?=="123456")19?{20?//do?other21?returntrue;22?}23?else24?{25?//do?other26?returnfalse;27?}28?}29?30?///<summary>31?///注銷32?///</summary>33?///<param?name="userName">用戶名</param>34?///<returns></returns>35?publicboolLogout(stringuserName)36?{37?GenericIdentity?identity?=newGenericIdentity(userName);38?GenericPrincipal?principal?=newGenericPrincipal(identity,?newstring[]?{?"admin",?"privilegeduser"});39?40?if(newLoginCommand().Logout(principal))41?returntrue;42?returnfalse;43?}44?}45?}

??????在Flex或Flash端就可以通過RemoteObject來訪問遠(yuǎn)程對象，Flex的訪問配置如下代碼塊：

<mx:RemoteObject?id="loginService"destination="login"><mx:method?name="Login"result="onLoginResult(event)"fault="onLoginFault(event)"/></mx:RemoteObject>

??????通過配置RemoteObject指定訪問login這個配置的遠(yuǎn)程服務(wù)，服務(wù)里配置了一遠(yuǎn)程方法Login，并分別定義了訪問成功和失敗的處理函數(shù)。上面的RemoteObject訪問的目的地為login配置的目的地，詳細(xì)配置在remoting-config.xml里，如下：

<destination?id="login"><properties>?

????????????<source>FlexDotNet.ServiceLibrary.Authentication.LoginService</source></properties></destination>

??????FlexDotNet.ServiceLibrary.Authentication.LoginService為自定義的一個遠(yuǎn)程服務(wù)(標(biāo)記為RemotingService)接口,通過配置訪問目的地，Flex遠(yuǎn)程對象組件利用此目的地通過FluorineFx網(wǎng)關(guān)調(diào)用遠(yuǎn)程服務(wù)接口方法。

??????布局Flex界面，模擬登錄驗證的調(diào)用，Flex通過setCredentials()方法請求，詳細(xì)如下代碼塊：

privatefunction?Login():void
{
????loginService.logout();
??? loginService.setCredentials(txtName.text,txtPassword.text);
????loginService.Login();
} <?xml?version="1.0"?encoding="utf-8"?><mx:Application?xmlns:mx="http://www.adobe.com/2006/mxml"?layout="absolute">????<mx:Script>????????<![CDATA[????????????import?mx.utils.ObjectUtil;????????????import?mx.controls.Alert;????????????import?mx.rpc.events.FaultEvent;????????????import?mx.rpc.events.ResultEvent;????????????private?function?Login():void????????????{????????????????loginService.logout();????????????????loginService.setCredentials(txtName.text,txtPassword.text);????????????????loginService.Login();????????????}????????????????????????private?function?Logout():void????????????{????????????????loginService.logout();????????????}????????????????????????private?function?onLoginResult(evt:ResultEvent):void????????????{????????????????var?result:Boolean?=?evt.result?as?Boolean;????????????????if(result)????????????????????Alert.show("登錄驗證成功");????????????}????????????????????????private?function?onLoginFault(evt:FaultEvent):void????????????{????????????????Alert.show(ObjectUtil.toString(evt.fault),"登錄驗證失敗");????????????}????????]]>????</mx:Script>????????<mx:RemoteObject?id="loginService"?destination="login">????????<mx:method?name="Login"?result="onLoginResult(event)"?fault="onLoginFault(event)"/>????</mx:RemoteObject>????<mx:Panel?x="124"?y="102"?width="250"?height="200"?layout="absolute"?fontSize="12"?title="用戶登錄">????????<mx:Label?x="19"?y="28"?text="用戶名："/>????????<mx:Label?x="19"?y="72"?text="密???碼："/>????????<mx:TextInput?x="75"?y="26"?width="131"?id="txtName"/>????????<mx:TextInput?x="75"?y="69"?width="131"?id="txtPassword"?displayAsPassword="true"/>????????<mx:HBox?x="75"?y="107"?width="131"?height="30">????????????<mx:Button?label="登?錄"?click="Login()"/>????????????<mx:Button?label="清?空"/>????????</mx:HBox>????</mx:Panel></mx:Application> services-config.xml<?xml version="1.0" encoding="utf-8" ?>?<services-config><services><service-include file-path="remoting-config.xml" /></services><!-- Custom authentication --><security><security-constraint id="privileged-users"><auth-method>Custom</auth-method><roles><role>admin</role><role>privilegeduser</role></roles></security-constraint>?<login-command class="FlexDotNet.ServiceLibrary.Authentication.LoginCommand" server="asp.net"/></security><channels><channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel"><endpoint uri="rtmp://localhost:2086/Web/Gateway.aspx" class="flex.messaging.endpoints.AMFEndpoint"/><properties><!-- <legacy-collection>true</legacy-collection> --></properties></channel-definition><channel-definition id="my-rtmp" class="mx.messaging.channels.RTMPChannel"><endpoint uri="rtmp://localhost:2086/Web/Gateway.aspx" class="flex.messaging.endpoints.RTMPEndpoint"/><properties><idle-timeout-minutes>20</idle-timeout-minutes></properties></channel-definition></channels></services-config>

總結(jié)

以上是生活随笔為你收集整理的Flex与.NET互操作(九)：FluorineFx.NET的认证(Authentication )与授权(Authorization)的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。