For security with Monorail, I prefer using the IPrincipal and the PrincipalPermission attribute as detailed by Ayende here:
http://ayende.com/blog/1106/castle-demo-app-viewcomponents-security-filters-and-friends --- Patrick Steele http://weblogs.asp.net/psteele On Sun, Sep 18, 2011 at 4:32 AM, Carlos <[email protected]> wrote: > Thank you very much,Mr. Steele. > > Your reply really helps me. > > I kind of hope the IDynamicActionProvider could be a coordinator for > my project,dynamically add actions to controllers due to different > user identity.I read the link in your reply,and seem to me that this > IDynamicActionProvider thing is some part of a 'Application > Inialization' that happens way before user can really interact with > anything in the site.I used to think that this Dynamic Action > Distribution is a Runtime thing that happens everywhere in the > lifecycle of the site. > > If what I think was right,this IDynamicActionProvider does not support > hot-plugging, it's main purpose is still Reusing the Actions across > controllers.Is this Dynamically Adding Actions at Runtime thing > possible with monorail? Can I achive this by change the Lifecyclestyle > or any other configurations,or even by writing my own controller > factory? > > Thank you again! > > > On 9月17日, 下午10时22分, Patrick Steele <[email protected]> wrote: >> From this thread: >> >> http://markmail.org/message/o27x3yli6faos2sb#query:+page:1+mid:o27x3y... >> >> It sounds like Dynamic Actions are resolved before ASP.NET has >> provided MonoRail with the associated Session. >> >> Instead of conditionally adding the action based on role, I think you >> may want to change your approach so the role check is done inside the >> dynamic action code. >> >> --- >> Patrick Steelehttp://weblogs.asp.net/psteele >> >> >> >> On Sat, Sep 17, 2011 at 5:19 AM, Carlos <[email protected]> wrote: >> > Hi, fellows. I'm using monorail ver.1.0.3.00 under .net framework >> > 2.0.Yes I know the version is outdate,but my virtual host only >> > supports .net2.0,so I can't just upgrade. Anyway here' the problem: >> >> > I'm trying to add some Dynamic actions to the controller by determine >> > the user's role in a Session[],this session was created the minute the >> > user logged in,and for now, it's always created to test the >> > function.But when I implement the >> > IDynamicActionProvider.IncludeActions(Controller controller) >> > function,I try to get the user's role from the >> > controller.Session[],but due to protection level the >> > controller.Session[] is not available.So I try to use the >> > controller.Context.Session[] ,but an null reference exception threw >> > out. >> >> > Is there anyone who know the prolem can tell me why the Session[] is >> > always null at this place,and how can I get access to the Session[] >> > inside the IDynamicActionProvider.IncludeActions(Controller >> > controller) function. >> >> > Many thanks. >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "Castle Project Users" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group >> > athttp://groups.google.com/group/castle-project-users?hl=en.- 隐藏被引用文字 - >> >> - 显示引用的文字 - > > -- > You received this message because you are subscribed to the Google Groups > "Castle Project Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/castle-project-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Castle Project Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/castle-project-users?hl=en.
