[英]MVC4 Forms Authentication Active Directory Custom Authorize Attribute
In my C# MVC4 application I am using Forms Based Authentication with Active Directory. 在我的C#MVC4应用程序中,我在Active Directory中使用基于表单的身份验证。 I have a custom AD membership provider.
我有一个自定义AD成员资格提供程序。 I have tested successfully that it can read and verify which groups a user belongs to.
我已经成功测试了它可以读取和验证用户所属的组。 Now, Im trying to create a custom authorize attribute which will do the following:
现在,我正在尝试创建一个自定义授权属性,该属性将执行以下操作:
if (user is logged-in/not timed-out/authenticated)
{
if (user's role is equal to role 1 or role 2)
{
return a specific view or (preferably) perform a specific redirect to action
}
else
{
return a different specific view or (preferably) perform a different specific redirect to action
}
}
else
{
return View
}
Here is what I have so far: 这是我到目前为止的内容:
public class AuthorizeEditAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext.Request.IsAuthenticated)
{
if ((httpContext.User.IsInRole("group1")) || (httpContext.User.IsInRole("group2")))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
I cant figure out how to also perform the redirect tasks. 我不知道如何还执行重定向任务。 I've looked at this post which discussing how to do a redirect but don't understand how I can integrate this with what I have so far.
我看了这篇文章 ,讨论了如何进行重定向,但是不了解如何将其与到目前为止的内容集成。 Specifically because I believe I have to use AuthorizeCore to get access to httpcontext.user for the first check I perform and I do not know how to pass in another parameter of type AuthorizationContext needed to do what appears to be passing along the desired path for the redirect.
特别是因为我相信我必须使用AuthorizeCore才能访问我执行的第一个检查的httpcontext.user,并且我不知道如何传递另一个AuthorizationContext类型的参数来执行似乎沿着期望路径传递的操作。重定向。
I think you should also overwrite the OnAuthorization
method. 我认为您还应该覆盖
OnAuthorization
方法。 This has an AuthorizationContext
parameter that may allow you to set the Result to a RedirectResult
of your liking... 它具有一个
AuthorizationContext
参数,可以让您将Result设置为自己喜欢的RedirectResult
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.