In my web application I have various components that need to access the currently authenticated user (HttpContext.User).
There are two obvious ways a component can access this: 1) Accessing getting the User from HttpContext.Current 2) Passing the user around in constructors
- Is not ideal because it makes testing difficult and ties application components to web concerns, when they really shouldn't know about it.
- Is just messy and complicates everything.
So I've been thinking about passing in the current user (or perhaps just the name/id) to any component that needs it using an IoC container (via dependency injection).
Is anyone using this technique to supply the current ASP.NET user to parts of the application? Or, Does this sound like a sensible approach? I would like know how this has worked out for people.
Thanks
UPDATE: Thanks to Raj for a great example. If anyone has a similar example using AutoFac it would be much appreciated!
UPDATE2: Thanks for the answers, wish I could ha开发者_如何学Pythonve split the accept!
In autofac:
builder.Register(c => HttpContext.Current.User.Identity).HttpRequestScoped();
What about using the IPrincipal which also contains the IIdentity instead?
http://msdn.microsoft.com/en-us/library/f8kt7fb8%28v=VS.100%29.aspx
http://msdn.microsoft.com/en-us/library/f8kt7fb8%28v=VS.100%29.aspx
--updated--
private static void AddSecurityConcernsTo(IWindsorContainer container)
{
container.Register(Component.For<IIdentity>()
.LifeStyle.PerWebRequest
.UsingFactoryMethod(() => HttpContext.Current.User.Identity));
container.Register(Component.For<IPrincipal>()
.LifeStyle.PerWebRequest
.UsingFactoryMethod(() => HttpContext.Current.User));
container.Register(Component.For<HttpSessionStateBase>()
.LifeStyle.PerWebRequest
.UsingFactoryMethod(() => new HttpSessionStateWrapper(HttpContext.Current.Session)));
}
ref: http://blog.coreycoogan.com/tag/controller-ioc/
精彩评论