Security » Authorization » 介绍
Introduction¶ 介绍
Authorization refers to the process that determines what a user is able to do. For example user Adam may be able to create a document library, add documents, edit documents and delete them. User Bob may only be authorized to read documents in a single library.
授权指的是确定一个用户可以做什么的过程。例如用户Adam可以新建文档库、添加文档、编辑文档以及删除。用户Bob只能被授权在某一个库中阅读文档。
Authorization is orthogonal and independent from authentication, which is the process of ascertaining who a user is. Authentication may create one or more identities for the current user.
授权是与身份验证正交并且独立的。身份验证是确认一个用户是谁的过程。身份验证可以为当前用户创建一个或多个身份。
Namespaces¶ 命名空间
Authorization components, including the AuthorizeAttribute
and AllowAnonymousAttribute
attributes are found in the Microsoft.AspNetCore.Authorization
namespace.
授权包括AuthorizeAttribute
和AllowAnonymousAttribute
属性,可在Microsoft.AspNetCore.Authorization
命名空间中找到。