扩展WindowsIdentity / WindowsPrincipal
[英]Extending WindowsIdentity/WindowsPrincipal in
问题描述
I have an application in MVC 4, ASP.NET 4.5 and Windows Authentication. 
我在MVC 4,ASP.NET 4.5和Windows身份验证中有一个应用程序。 I'm trying to extend the Identity and Principal objects (WindowsIdentity and WindowsPrincipal respectively) in order to provide additional information about the user logged on, but when I try to create the extended instance of these objects and replace the Current.User it throws an error: 我试图扩展Identity和Principal对象(分别为WindowsIdentity和WindowsPrincipal),以提供有关登录用户的其他信息,但是当我尝试创建这些对象的扩展实例并替换Current.User时,它将抛出一个错误。错误:
System.UnauthorizedAccessException: "Attempted to perform an unauthorized operation."
Below the code I'm using in the global.asax: 在global.asax中使用的代码下方:
public void WindowsAuthentication_OnAuthenticate(object sender, WindowsAuthenticationEventArgs args)
{
if (!args.Identity.IsAnonymous)
{
var userData = WindowsUserDataHelper.GetWindowsUserData(args.Identity);
var user = new MyCustomPrincipal(new MyCustomIdentity(args.Identity.Name, userData));
HttpContext.Current.User = user; //-- exception thrown here
Thread.CurrentPrincipal = user;
}
}
Here is the web.config settings: 这是web.config设置:
<authentication mode="Windows" >
</authentication>
<authorization>
<deny users="?" />
</authorization>
And in my local IIS I have set the authentication this way: 在我的本地IIS中,我以这种方式设置了身份验证:
- Anonymous: Disabled 匿名:禁用
- Basic: Disabled 基本:禁用
- Windows Authentication: Enabled Windows身份验证:已启用
- Forms Authentication: Disabled 表单身份验证:已禁用
- ASP.NET Impersonation: Disabled ASP.NET模拟:已禁用
1 个解决方案
解决方案1
1 已采纳 2014-04-11 22:14:50
The solution for my problem was given in this question: MVC3 Windows Authentication override User.Identity , in the edit that the user made on its own question. 在以下问题中给出了针对我的问题的解决方案: MVC3 Windows身份验证覆盖User.Identity ,这是用户对自己的问题进行的编辑。
Basically, to summarize it: I was doing the replace of the Principal in the event public void WindowsAuthentication_OnAuthenticate(object sender, WindowsAuthenticateEventArgs args) , and I was supposed to do it in protected void Application_AuthorizeRequest(object sender, EventArgs e) (which is not the same as in Forms Authentication Application_AuthenticateRequest ). 基本上,总结一下:我在事件public void WindowsAuthentication_OnAuthenticate(object sender, WindowsAuthenticateEventArgs args)进行了Principal的替换,并且应该在protected void Application_AuthorizeRequest(object sender, EventArgs e)中进行了替换(不是与表单身份验证Application_AuthenticateRequest相同)。
The code in Global.asax ends up being something like this: Global.asax中的代码最终是这样的:
protected void Application_AuthorizeRequest(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
var userData = WindowsUserDataHelper.GetWindowsUserData((WindowsIdentity)User.Identity);
var user = new MyCustomPrincipal(new MyCustomIdentity(User.Identity.Name, userData));
HttpContext.Current.User = user;
Thread.CurrentPrincipal = user;
}
}
From here, the User is replaced with the extended version of the Principal and the rest of the application can consume it from anywhere (view, controller, etc). 从这里开始,用户将替换为主体的扩展版本,应用程序的其余部分可以从任何地方(视图,控制器等)使用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.