当前位置: 文江博客话题详情

在以下简单场景中,Roles.IsUserInRole 的行为是否符合预期?

发布于 2024-07-10 18:51:39 字数 660 浏览 8 评论 0原文

在 .NET 2.0 中的自定义角色提供程序(继承自 RoleProvider)中,IsUserInRole 方法已被硬编码为始终返回 true:

public override bool IsUserInRole(string username, string roleName) { return true; }

在配置为使用此角色提供程序的 ASP.NET 应用程序中,以下代码返回 true(如预期) :

Roles.IsUserInRole("any username", "any rolename"); // results in true

但是,以下代码返回 false:

Roles.IsUserInRole("any rolename"); // results in false

请注意,User.IsInRole("any rolename") 也返回 false。

  1. 这是预期的行为吗?
  2. 假设仅采用角色名称的重载仍会调用重写的 IsUserInRole 是否不正确?

更新:请注意,对于采用单个字符串的版本似乎没有可用的覆盖,这导致了我在 #2 中的假设。

原文

In a custom role provider (inheriting from RoleProvider) in .NET 2.0, the IsUserInRole method has been hard-coded to always return true:

public override bool IsUserInRole(string username, string roleName) { return true; }

In an ASP.NET application configured to use this role provider, the following code returns true (as expected):

Roles.IsUserInRole("any username", "any rolename"); // results in true

However, the following code returns false:

Roles.IsUserInRole("any rolename"); // results in false

Note that User.IsInRole("any rolename") is also returning false.

  1. Is this the expected behavior?
  2. Is it incorrect to assume that the overload that only takes a role name would still be invoking the overridden IsUserInRole?

Update: Note that there doesn't seem to be an override available for the version that takes a single string, which has led to my assumption in #2.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

咿呀咿呀哟 2024-07-17 18:51:39

我查看了 .net 反射器中的 Roles.IsUserInRole(string rolename),它解析为以下内容:

public static bool IsUserInRole(string roleName)
{
    return IsUserInRole(GetCurrentUserName(), roleName);
}

我将查看您当前的用户。 原因如下:

private static string GetCurrentUserName()
{
    IPrincipal currentUser = GetCurrentUser();
    if ((currentUser != null) && (currentUser.Identity != null))
    {
        return currentUser.Identity.Name;
    }
    return string.Empty;
}

我愿意打赌这会返回一个空字符串,因为您要么没有当前用户,要么它的名称是空字符串或 null。

IsUserInRole(string username, string roleName) 方法中,在开头附近有以下代码块:

   if (username.Length < 1)
   {
       return false;
   }

如果您的 GetCurrentUserName() 没有返回任何有意义的内容,那么它会在调用您重写的方法之前返回 false。

从这一点可以看出:Reflector 是一个很棒的工具:)

I looked at Roles.IsUserInRole(string rolename) in .net reflector, and it resolves to the following:

public static bool IsUserInRole(string roleName)
{
    return IsUserInRole(GetCurrentUserName(), roleName);
}

I would take a look at your current user. Here's why:

private static string GetCurrentUserName()
{
    IPrincipal currentUser = GetCurrentUser();
    if ((currentUser != null) && (currentUser.Identity != null))
    {
        return currentUser.Identity.Name;
    }
    return string.Empty;
}

I would be willing to bet this is returning an empty string because you either don't have a Current User, or its name is an empty string or null.

In the IsUserInRole(string username, string roleName) method, there is the following block of code right near the beginning:

   if (username.Length < 1)
   {
       return false;
   }

If your GetCurrentUserName() doesn't return anything meaningful, then it will return false before it calls your overridden method.

Moral to take away from this: Reflector is a great tool :)

回复 原文
美男兮 2024-07-17 18:51:39

另请注意,您是否在 RoleManager 配置中选择了 cacheRolesInCookie="true"。 如果您向数据库添加了新角色,它可能会查看 cookie 中的缓存版本。

我遇到了这个问题,解决办法是删除cookie并重新登录。

Also beware if you have selected cacheRolesInCookie="true" in the RoleManager config. If you have added a new role to the database, it might be looking at the cached version in the cookie.

I had this problem and the solution was to delete the cookie and re-login.

回复 原文
岛徒 2024-07-17 18:51:39

这可能会对某人有所帮助 - 请注意:

如果您使用登录控件进行身份验证 - 输入到控件中的用户名将成为 HttpContext.Current.User.Identity.Name,用于 Roles.IsUserInRole(string rolename) ,更具体地说- 会员资格的 GetUser() 方法。 因此,如果是这种情况,请确保您重写 Authenticate 事件,在此方法中验证用户并将用户名设置为您的自定义会员资格提供程序可以使用的值。

 protected void crtlLoginUserLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool blnAuthenticate = false;
    string strUserName = crtlLoginUserLogin.UserName;

    if (IsValidEmail(strUserName))
    {

        //if more than one user has email address - must authenticate by username.

        MembershipUserCollection users = Membership.FindUsersByEmail(strUserName);
        if (users.Count > 1)
        {
            crtlLoginUserLogin.FailureText = "We are unable to determine which account is registered to that email address. Please enter your Username to login.";

        }
        else
        {
            strUserName = Membership.GetUserNameByEmail(strUserName);
            blnAuthenticate = Membership.ValidateUser(strUserName, crtlLoginUserLogin.Password);

            //setting the userLogin to the correct user name (only on successful authentication)
            if (blnAuthenticate)
            {
                crtlLoginUserLogin.UserName = strUserName;
            }

        }


    }
    else
    {
        blnAuthenticate = Membership.ValidateUser(strUserName, crtlLoginUserLogin.Password);
    }

    e.Authenticated = blnAuthenticate;

}

This may help someone - be aware:

If you are using the login control to authenticate - the username entered into the control becomes the HttpContext.Current.User.Identity.Name which is used in the Roles.IsUserInRole(string rolename) and more specifically - the membership's GetUser() method. So if this is the case make sure you override the Authenticate event, validate the user in this method and set the username to a value that your custom membership provider can use.

 protected void crtlLoginUserLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool blnAuthenticate = false;
    string strUserName = crtlLoginUserLogin.UserName;

    if (IsValidEmail(strUserName))
    {

        //if more than one user has email address - must authenticate by username.

        MembershipUserCollection users = Membership.FindUsersByEmail(strUserName);
        if (users.Count > 1)
        {
            crtlLoginUserLogin.FailureText = "We are unable to determine which account is registered to that email address. Please enter your Username to login.";

        }
        else
        {
            strUserName = Membership.GetUserNameByEmail(strUserName);
            blnAuthenticate = Membership.ValidateUser(strUserName, crtlLoginUserLogin.Password);

            //setting the userLogin to the correct user name (only on successful authentication)
            if (blnAuthenticate)
            {
                crtlLoginUserLogin.UserName = strUserName;
            }

        }


    }
    else
    {
        blnAuthenticate = Membership.ValidateUser(strUserName, crtlLoginUserLogin.Password);
    }

    e.Authenticated = blnAuthenticate;

}
回复 原文
~没有更多了~

关于作者

绝影如岚

暂无简介

0 文章
0 评论
424 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

留蓝

文章 0 评论 0

18790681156

文章 0 评论 0

zach7772

文章 0 评论 0

Wini

文章 0 评论 0

ayeshaaroy

文章 0 评论 0

初雪

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文