ASP.NET MVC 3 区域和 web.config 中的多重身份验证
我一直在尝试关注此博客以使区域正常工作:
http://mstechkb.blogspot.com/2010/10/areas-in-aspnet-mvc-20.html
在博客文章中,它标识了按每个设置身份验证的能力区域,例如:
<location path="Area1">
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="role1,role2"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
但是,当我尝试在 Visual Studio 2010 中的新项目中创建此区域时,我在运行时收到以下错误:
在应用程序级别之外使用注册为allowDefinition='MachineToApplication' 的节是错误的。此错误可能是由于未将虚拟目录配置为 IIS 中的应用程序而导致的。
据我所知,这是因为您无法指定身份验证元素,除非它位于顶级 web.config 中。
那么可以按照博文所说的去做吗? web.config 中的 Location 元素中是否可以包含带有 Authentication 元素的区域?
I have been attempting to follow this blog to get Areas working:
http://mstechkb.blogspot.com/2010/10/areas-in-aspnet-mvc-20.html
In the blog post, it identifies the ability to have authentication set per Area, e.g.:
<location path="Area1">
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="role1,role2"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
However, when I try to create this in a new project in Visual Studio 2010 I get the following error when I run:
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.
From what I can see this is because you cannot specify an authentication element unless it is in the top level web.config.
So it is possible to do what the blog post says? Can you have Areas with Authentication elements inside Location elements in the web.config?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
根据我对 ASP.NET MVC 的了解,最好将 [Authorization] 属性应用于各个控制器来设置授权规则,因为考虑到路由系统的工作方式,它更安全、更充分。
What I have learnt about ASP.NET MVC, it's always better to set the authorization rules with [Authorization] attribute applied to individual controllers, because it is safer and more adequate considering the way routing system works.