在 ASP.NET MVC 2 应用程序中看不到主体角色

发布于 2024-09-14 03:53:45 字数 1142 浏览 7 评论 0原文

我正在编写 ASP.NET MVC 2 应用程序,并且不想使用 ASP.NET 成员资格。我确实想在控制器上使用授权属性。到目前为止我所做的是...

Web.config

<roleManager enabled="true" />

<authentication mode="Forms">
  <forms loginUrl="~/Authentication/Login" timeout="2880"/>
</authentication>
<authorization>
  <allow users="*" /> /* This is for testing */
</authorization>

在我的 Global.asax 中,

 protected void Application_AuthenticateRequest(Object sender, EventArgs e)
    {
        var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

        if (cookie == null) return;
        var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
        var roles = decryptedCookie.UserData.Split('|');

        var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
        var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

        Context.User = tcmPrincipal;
    }

我使用自定义 IIdentity,以便将来可以添加一些自定义属性。为了在我的控制器操作中测试这一点,我这样做了...

var testPrincipal = User;

我可以看到带有所有用户信息的自定义身份,但主体对象上没有角色。对我错过的任何帮助都会很棒。谢谢。

I am writing an ASP.NET MVC 2 application and don't want to use ASP.NET Membership. I do want to use the Authorize attribute on the Controllers. What I have done so far is ...

Web.config

<roleManager enabled="true" />

<authentication mode="Forms">
  <forms loginUrl="~/Authentication/Login" timeout="2880"/>
</authentication>
<authorization>
  <allow users="*" /> /* This is for testing */
</authorization>

In my Global.asax

 protected void Application_AuthenticateRequest(Object sender, EventArgs e)
    {
        var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

        if (cookie == null) return;
        var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
        var roles = decryptedCookie.UserData.Split('|');

        var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
        var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

        Context.User = tcmPrincipal;
    }

I am using a custom IIdentity so that I can add some custom properties in the future. To test this in my Controller action I did this ...

var testPrincipal = User;

I can see the custom Identity with all of the user information but there are no roles on principal object. Any help with what i have missed would be great. Thanks.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

一身仙ぐ女味 2024-09-21 03:53:45

我相信您需要一个角色提供者。与成员资格提供程序处理用户成员资格、创建、删除、验证、编辑的方式非常相似,为了使用角色,您需要使用 RoleProvider (ASP.NET 实现角色提供程序)。

这还需要在 web.config 中启用角色,例如:

<roleManager enabled="enabled" defaultProvider="AspNetSqlRoleProvider">
  <providers>
    <clear/>
      <add name="AspNetSqlRoleProvider" 
           type="System.Web.Security.SqlRoleProvider"
           connectionStringName="ApplicationServices" 
           applicationName="/" />
      <add name="AspNetWindowsTokenRoleProvider"
           type="System.Web.Security.WindowsTokenRoleProvider"
           applicationName="/" />
  </providers>
</roleManager>

这可能有用:
SO asp-net-mvc-roles-without-database -and-without-role-provider

可能是:
ASP.NET 2.0,没有“角色提供程序”的自定义角色分配

I believe you need a role provider. Much like how a Membership provider handles the membership of users, create, delete, validate, edit, in order to use roles, you need to use a RoleProvider (ASP.NET Implementing a Role Provider).

Which also requires enabling roles in the web.config, for example:

<roleManager enabled="enabled" defaultProvider="AspNetSqlRoleProvider">
  <providers>
    <clear/>
      <add name="AspNetSqlRoleProvider" 
           type="System.Web.Security.SqlRoleProvider"
           connectionStringName="ApplicationServices" 
           applicationName="/" />
      <add name="AspNetWindowsTokenRoleProvider"
           type="System.Web.Security.WindowsTokenRoleProvider"
           applicationName="/" />
  </providers>
</roleManager>

This might be useful:
SO asp-net-mvc-roles-without-database-and-without-role-provider

As Might be:
ASP.NET 2.0, Custom Role assignment without a 'Role Provider'

独木成林 2024-09-21 03:53:45

更新:

最后我通过更改

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

    if (cookie == null) return;
    var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
    var roles = decryptedCookie.UserData.Split('|');

    var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
    var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

    Context.User = tcmPrincipal;
}

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

    if (cookie == null) return;
    var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
    var roles = decryptedCookie.UserData.Split('|');

    var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
    var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

    Thread.CurrentPrincipal = Context.User = tcmPrincipal;
}

UPDATE:

In the end I got this working by changing

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

    if (cookie == null) return;
    var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
    var roles = decryptedCookie.UserData.Split('|');

    var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
    var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

    Context.User = tcmPrincipal;
}

to

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

    if (cookie == null) return;
    var decryptedCookie = FormsAuthentication.Decrypt(cookie.Value);            
    var roles = decryptedCookie.UserData.Split('|');

    var tcmIdentity = new TcmIdentity(decryptedCookie.Name);
    var tcmPrincipal = new GenericPrincipal(tcmIdentity, roles);

    Thread.CurrentPrincipal = Context.User = tcmPrincipal;
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文