SecurityTrimming、自定义 RoleProvider 和服务器 500 错误:(
我有一个使用标准 asp 站点地图和菜单控件的自定义角色提供程序。我启用了安全修剪,并且当我修改 web.config 时,菜单项成功消失/重新出现:
<location path="x/y/z.aspx">
<system.web>
<authorization>
<allow roles="a, b, c" />
<deny users="*" />
</authorization>
</system.web>
</location>
但不幸的是,每当我访问这样的页面时,我都会看到非常基本的“500 - 内部服务器错误”。
如果我从配置中删除上述行,则不会发生此类错误(但每个人都可以访问该页面!)
这可能与我的自定义角色提供程序有关吗?它似乎可以与其他一切一起使用!我只重写了 IsUserInRole 和 GetRolesForUser 函数(所有其他强制函数我不返回任何内容或空数组等)。
谢谢你! :)
编辑:
我很确定这不是我的自定义角色提供程序导致错误。我的 web.config 中的其他位置确实有以下内容。
<location path="." inheritInChildApplications="false">
我的大部分配置都保存在本节中,其想法是我的所有 appSettings、sessionState、身份验证选项等都不会继承到在 IIS 中设置的其他应用程序,但它们保存在我正在工作的应用程序的子文件夹中现在。也许这个“位置”内的某些部分没有被转移到其他“位置”(即使它们不是子应用程序..!),这令人困惑 securityTrimming 确实有效......无论如何,通过移动以下内容上面的“位置”在该部分之外,一切又恢复正常了!有没有一种方法可以两全其美?
I have a custom roleprovider working with standard asp sitemap and menu control. I have securitytrimming enabled, and menu items successfully disappear/reappear as I amend the web.config as so:
<location path="x/y/z.aspx">
<system.web>
<authorization>
<allow roles="a, b, c" />
<deny users="*" />
</authorization>
</system.web>
</location>
but unfortunately, whenever I visit such a page, I'm shown the very basic "500 - Internal server error."
If I remove the above lines from the config, no such error occurs (but everyone has access to the page!)
Could this be to do with my custom roleprovider? It seems to work with everything else! I've only overridden the IsUserInRole and GetRolesForUser functions (all other obligatory functions I return nothing or empty arrays etc.).
Thank you! :)
EDIT:
I'm pretty sure this isn't my custom roleprovider causing the error.. I do have the following elsewhere in my web.config.
<location path="." inheritInChildApplications="false">
The bulk of my config was held in this section, the idea being that all my appSettings, sessionState, authentication options etc. would not be inherited into other applications, set up in IIS but which were held in subfolders of the application I'm working on now. Perhaps there are sections inside of this 'location' that aren't being transferred to other 'locations' (even though they're not child applications..!) confusing that the securityTrimming does work.... anyway by moving the contents of the above 'location' outside of that section, everything works again! Is there a way of having the best of both worlds?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
关闭浏览器中的友好错误消息以查看真正的问题。
Turn off friendly error messages in your browser to view the real issue.