[英]ASP.NET IIS user role authentication
I'm currently working on a ASP.NET MVC4 website. 我目前在ASP.NET MVC4网站上工作。 And in that website i wan't users that are part of an certain role to be allowed to run the code. 而且在该网站中,我不允许具有特定角色的用户被允许运行代码。 I use the following code: 我使用以下代码:
[Authorize(Roles = GROUP)]
public void Auth()
{
/* if user is in the domain and signed in
* and a member of the above group
* they will come here */
username = User.Identity.Name;
//Do somthing
}
And this works great, but when the user isn't part of the domain and/or group it wil prompt for username and password. 这很有效,但是当用户不属于域和/或组时,它将提示输入用户名和密码。 Is it possible to skip the prompt and just redirect that user? 是否可以跳过提示并仅重定向该用户?
This website is setup in a IIS 8 with authentication set to windows authentication 该网站是在IIS 8中设置的,身份验证设置为Windows身份验证
Well I would create a Custom Authorization Attribute and implement HandleUnauthorizedRequest method to solve this problem. 好吧,我将创建一个自定义授权属性并实现HandleUnauthorizedRequest方法来解决此问题。
public class CustomAutorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
// do authorization logic
// ...
return (/* isAuthorized */);
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
UrlHelper urlHelper = new UrlHelper(filterContext.RequestContext);
filterContext.Result = new RedirectResult(urlHelper.Action("Index", "Error"));
}
}
For more information read How to: Create a Custom Authorization Attribute 有关更多信息,请阅读如何:创建自定义授权属性。
use 采用
[Authorize(Roles = GROUP)]
[HandleError(ExceptionType = typeof(UnauthorizedAccessException), View = "ApplicationError")]
public void Auth()
{
/* if user is in the domain and signed in
* and a member of the above group
* they will come here */
username = User.Identity.Name;
//Do somthing
}
where you can sepcify view for unauthorized access user 您可以在其中分隔未经授权访问用户的视图
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.