堆栈内存溢出
  简体   繁体   English

使用ActionNameSelectorAttribute时会引发异常“尚未为控制器配置安全性”

[英]Exception “Security has not been configured for controller” is thrown when ActionNameSelectorAttribute is used

 原文  2014-09-18 12:10:29       c#/ asp.net-mvc/ fluent-security

问题描述

I have a problem with the FluentSecurity when the ActionNameSelectorAttribute is used on controller's action. 在控制器的动作上使用ActionNameSelectorAttribute时, FluentSecurity出现问题。 

public static void Configure()
{
    var applicationConfiguration = DependencyResolver.Current.GetService<IApplicationConfiguration>();
    var superUserGroupName = applicationConfiguration.GetSuperUserGroupName();
    var userGroupName = applicationConfiguration.GetUserGroupName();

    var securityConfiguration = SecurityConfigurator.Configure(configuration =>
                                   {
                                       configuration.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated);
                                       configuration.GetRolesFrom(System.Web.Security.Roles.GetRolesForUser);

                                       configuration.ForAllControllers().DenyAnonymousAccess().CachePerHttpRequest();
                                       configuration.ForAllControllers().RequireAnyRole(superUserGroupName).CachePerHttpRequest();
                                       configuration.For<Elmah.Mvc.ElmahController>().RequireAnyRole(userGroupName).CachePerHttpRequest();

                                       configuration.ApplyProfile<ProjectSecurityProfile>();
                                       configuration.ApplyProfile<ProjectsSecurityProfile>();
                                       configuration.ApplyProfile<RewecoSecurityProfile>();

                                       configuration.DefaultPolicyViolationHandlerIs(() => new HttpUnauthorizedPolicyViolationHandler());
                                   });
    securityConfiguration.AssertAllActionsAreConfigured();
}

When I run the application under the configuration above with the AssertAllActionsAreConfigured everything seems to be correct, no exceptions. 当我使用AssertAllActionsAreConfigured在上述配置下运行应用程序时,一切似乎都是正确的,没有例外。 But as soon as I call the action methods in the ActualHoursAssignmentController where the HttpParamAction is used , which is the class which inherits from ActionNameSelectorAttribute I get the exception. 但只要我打电话的动作方法ActualHoursAssignmentController其中HttpParamAction使用,这是从继承的类ActionNameSelectorAttribute我得到的异常。

Security has not been configured for controller PDATA.Web.Controllers.ActualHoursAssignmentController, action ActionChoiceByNameAttributeValue Area: (not set) Controller: ActualHoursAssignment Action: ActionChoiceByNameAttributeValue 尚未为控制器PDATA.Web.Controllers.ActualHoursAssignmentController配置安全性,操作ActionChoiceByNameAttributeValue区域:(未设置)控制器:ActualHoursAssignment操作:ActionChoiceByNameAttributeValue 

public class HttpParamActionAttribute : ActionNameSelectorAttribute
{
    public static string ActionChoiceByNameAttributeValue
    {
        get { return "ActionChoiceByNameAttributeValue"; }
    }

    public override bool IsValidName([NotNull] ControllerContext controllerContext, 
                                     [NotNull] string actionName, [NotNull] MethodInfo methodInfo)
    {
        if (controllerContext == null)
        {
            throw new ArgumentNullException("controllerContext");
        }

        if (actionName == null)
        {
            throw new ArgumentNullException("actionName");
        }

        if (methodInfo == null)
        {
            throw new ArgumentNullException("methodInfo");
        }

        if (String.IsNullOrWhiteSpace(actionName))
        {
            throw new ArgumentException("actionName");
        }

        if (String.IsNullOrWhiteSpace(methodInfo.Name))
        {
            throw new ArgumentException("methodInfo.Name");
        }

        if (actionName.Equals(methodInfo.Name, StringComparison.InvariantCultureIgnoreCase))
            return true;

        if (!actionName.Equals(ActionChoiceByNameAttributeValue, StringComparison.InvariantCultureIgnoreCase))
            return false;

        var request = controllerContext.RequestContext.HttpContext.Request;
        return request[methodInfo.Name] != null;
    }
}

Usage of HttpParamAction attribute in ActualHoursAssignmentController HttpParamAction属性在ActualHoursAssignmentController中的ActualHoursAssignmentController 

public class ActualHoursAssignmentController : PdataBaseController
{
    [HttpParamAction]
    [HttpPost]
    public ActionResult UpdateAssignment(ActualHoursAssignmentViewModel vm)
    {

    }

    [HttpParamAction]
    [HttpPost]
    public ActionResult DeleteAssignment(ActualHoursAssignmentViewModel vm)
    {

    }
}

UPDATE: Because I didn't find the solution I temporary eliminate of usage HttpParamActionAttribute . 更新:因为找不到解决方案,所以暂时消除了HttpParamActionAttribute的用法。 Instead of that I'm using this solution to call multiple buttons in the one Form , but the question persists, maybe it is a bug. 取而代之的是,我使用这种解决方案在一个Form中调用多个按钮,但是问题仍然存在,也许是一个错误。

1 个解决方案

解决方案1
 0  2014-09-18 12:17:30

It looks like there is an issue in older versions of FluentSecurity with supporting Controller inheritance, see: 似乎在较旧版本的FluentSecurity中存在支持Controller继承的问题,请参见:

https://github.com/kristofferahl/FluentSecurity/wiki/Securing-controllers#securing-controllers-based-on-inheritance https://github.com/kristofferahl/FluentSecurity/wiki/Securing-controllers#securing-controllers-based-on-inheritance

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在已部署的SSIS包中使用HtmlAgilityPack异常已被抛出 - HtmlAgilityPack exception has been thrown when used in deployed SSIS package 创建控制器时“调用目标已抛出异常”(ASP.NET MVC 5 with MySql) - “Exception has been thrown by target of invocation” when creating controller (ASP.NET MVC 5 with MySql) 运行时,调用的目标已引发异常 - Exception has been thrown by the target of an invocation When Running 使用Tesseract ocr时,调用目标抛出了异常 - Exception has been thrown by the target of an invocation when using Tesseract ocr 如何断言异常已被抛出 - How to assert an exception has been thrown Azure MobileServiceInvalidOperation已抛出异常 - Azure MobileServiceInvalidOperation Exception has been thrown LINQ和Exception已被调用目标抛出 - LINQ and Exception has been thrown by the target of an invocation 调用目标抛出了Kinect异常 - Kinect exception has been thrown by the target of an invocation Xamarin 中的调用目标引发异常 - Exception has been thrown by the target of an invocation in Xamarin 调用MVC的目标已引发异常 - Exception has been thrown by the target of an invocation MVC
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM