实现TDSAuthenticationManager的事件对DataSnap服务器的接口授权

我们只要实现DSAuthenticationManager1的OnuserAuthenticate和OnUserAuthorize事件，就可以对接口调用进行控制，事件如下：

procedure TServerContainer1.DSAuthenticationManager1UserAuthenticate(
  Sender: TObject; const Protocol, Context, User, Password: string;
  var valid: Boolean; UserRoles: TStrings);
begin
  { TODO : Validate the client user and password.
    If role-based authorization is needed, add role names to the UserRoles parameter  }

  if (User = 'Admin') and (Password = '123456') then
  begin
    valid := True ;
    UserRoles.Add('AdminGroup'); //加入到AdminGroup组别
  end else
  if (User = 'Guest') and (Password = '123456') then
  begin
    valid := True ;
    UserRoles.Add('GuestGroup'); //加入到GuestGroup组别
  end else
  valid := False ;
end;

procedure TServerContainer1.DSAuthenticationManager1UserAuthorize(
  Sender: TObject; EventObject: TDSAuthorizeEventObject;
  var valid: Boolean);
begin
  { TODO : Authorize a user to execute a method.
    Use values from EventObject such as UserName, UserRoles, AuthorizedRoles and DeniedRoles.
    Use DSAuthenticationManager1.Roles to define Authorized and Denied roles
    for particular server methods. }
  if EventObject.MethodAlias = 'TServerMethods1.EchoString' then
  begin
    valid := EventObject.UserRoles.IndexOf('AdminGroup') <> -1;
  end;

  if EventObject.MethodAlias = 'TServerMethods1.ReverseString' then
  begin
    valid := EventObject.UserRoles.IndexOf('GuestGroup') <> -1;
  end;
end;

客户端只要设置认证的用户名是Admin还是Guest就可以了，2个用户名都有属于自己的调用的接口方法，而且不能越权。

 

编译环境：Delphi XE7

加入DataSnap高级交流群439992010，即可下载本DEMO

转载于:https://www.cnblogs.com/Kim53622744/p/4401087.html