MVC3区域+授权属性+角色奇怪问题
我真的不知道该用什么标题来描述我的问题。为了简化我的问题。这是我的测试。我从头开始创建一个 mvc3 站点。然后我添加名为“admin”的区域。在管理内部,我有一个名为“搜索”的控制器,并装饰了“授权”属性。然后,我更改了 Global.ascx.cs 路由设置以附加我的控制器命名空间。现在我开始我的测试。
问题1
当我访问 http://localhost:xxx/Search 页面时,它将我重定向回 /Account/Logon 页面,这首先让我感到困惑,为什么它会将我重定向到登录页面?据我了解,它根本不应该到达管理搜索控制器。如果我删除了授权属性,它会显示黄色屏幕,表示找不到我预期的视图。
问题2
如果我添加带有角色的授权属性,例如(Roles="Admin"),那么我再次尝试访问搜索页面,无论登录成功与否,我总是会重定向回登录页面。为什么它没有给我黄色屏幕,因为我试图请求主站点中的搜索控制器索引视图而不是管理区域的索引视图。相当混乱。
我是 MVC 开发的新手,有人可以给我解决我的问题吗?
感谢
Global.ascx.cs
public static void RegisterRoutes(RouteCollection routes) {
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
"Default", // Route name
"{controller}/{action}/{id}", // URL with parameters
new { controller = "Home", action = "Index", id = UrlParameter.Optional },
new string[]{"TestAreaRouting.Controllers"}
);
}
I really don't know what title should I use to describe my problem. To simplify my problem. Here is my test. I create a mvc3 site from scratch. I then add area called "admin". Inside admin, I have a controller named "Search" and has "Authorize" attribute decorated. I then changed my Global.ascx.cs route setting to append my controller namespace. Now I start my test.
Question 1
When I am accessing to http://localhost:xxx/Search page, it redirects me back to /Account/Logon page, it makes me confuse first, why it redirects me to logon page? it shouldn't reach to Admin search controller at all as I understand. If I removed the Authorize attribute, it display the yellow screen said can't find the view as I expected.
Question 2
If I add Authorize attribute with role, e.g. (Roles="Admin"), then I try access to Search page again, no matter login succeed or not, I always get redirect back to logon page. Why it doesn't give me the yellow screen, coz I am trying to request the search controller index view in the main site not the admin area's one. quite confuse.
I am a newbie in MVC development, can someone give me a solution regarding to my problem?
Thanks
Global.ascx.cs
public static void RegisterRoutes(RouteCollection routes) {
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
"Default", // Route name
"{controller}/{action}/{id}", // URL with parameters
new { controller = "Home", action = "Index", id = UrlParameter.Optional },
new string[]{"TestAreaRouting.Controllers"}
);
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以通过设置
UseNamespaceFallback数据,将默认控制器工厂限制为仅在Global.asax的RegisterRoutes方法中查找控制器的指定命名空间。 token 为false:如果您在请求
/search时不执行此操作,则admin区域路由不匹配,因为 url 不匹配开始于Admin前缀。所以它是匹配的默认路由。默认控制器工厂开始扫描程序集以查找派生自
Controller的名为SearchController的类,并且由于找到了该类,因此将其实例化并使用它来服务请求。显然它没有找到相应的索引视图,因为它在~/Views/Search/Index.cshtml中查找,而该视图显然不存在。实际景观位于该区域。现在我们已经将控制器限制在各自的位置,您可以使用 Authorize 属性来装饰它们,并且它的行为应该一致。
You could constrain the default controller factory to look only inside the specified namespace for controllers in the
RegisterRoutesmethod ofGlobal.asaxby setting theUseNamespaceFallbackdata token tofalse:If you don't do this when you request
/searchtheadminarea route doesn't match because the url doesn't start with theAdminprefix.So it is the default route that matches. The default controller factory starts scanning the assembly for a class called
SearchControllerthat derives fromControllerand since it finds one it instantiates it and uses it to serve the request. Obviously it doesn't find a corresponding Index view because it looks in~/Views/Search/Index.cshtmlwhich obviously doesn't exist. The actual view is located in the area.Now that we have constrained the controllers to their respective locations you could decorate them with the Authorize attribute and it should behave consistently.