堆栈内存溢出
  简体   繁体   English

ASP.NET MVC 5错误的重定向登录页面

[英]ASP.NET MVC 5 Wrong Redirect Login Page

 原文  2014-12-11 11:24:01       c#/ asp.net/ asp.net-mvc/ asp.net-mvc-5

问题描述

I'm creating ASP.NET MVC 5 with "Individual User Accounts" Authentication Template. 我正在使用“个人用户帐户”身份验证模板创建ASP.NET MVC 5。 Then I create custom login page to authenticate user from database with Forms Authentication. 然后,我创建自定义登录页面,以使用Forms Authentication从数据库对用户进行身份验证。 

<authentication mode="Forms">
  <forms loginUrl="~/User/SignIn" timeout="2880" protection="All" />
</authentication>

For testing the custom login page, I add HomeController with Authorize attribute. 为了测试自定义登录页面,我添加了带有Authorize属性的HomeController After run the visual studio, it redirect to the SignIn page 运行visual studio后,它会重定向到SignIn页面

The problem is when I remove Authorize attribute at HomeController and add authorize filter at FilterConfig.cs 问题是当我在HomeController删除Authorize属性并在FilterConfig.cs上添加授权过滤器时 

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new HandleErrorAttribute());
    filters.Add(new AuthorizeAttribute());
}

I've got HTTP error: "HTTP Error 401.0 - Unauthorized". 我有HTTP错误:“HTTP错误401.0 - 未经授权”。 How to fix this? 如何解决这个问题?

4 个解决方案

解决方案1
 4  2014-12-11 11:36:29

By doing this you place autherization restrictions on the login and register actions. 这样,您可以对登录和注册操作设置身份验证限制。 So basicly you need to be autherized to login or register. 因此,从根本上讲,您需要经过身份验证才能登录或注册。 Placing the allowAnonymous attributes on these actions might solve the problem. 在这些操作上放置allowAnonymous属性可能会解决问题。

解决方案2
 3 已采纳  2014-12-11 12:13:07

Because i put the correct answer as a comment at least 8 mins before anyone did I'll add it as an answer. 因为我在任何人之前至少8分钟将正确的答案作为评论,我将其添加为答案。

You basically need to add the [AllowAnonymous] attribute to your SignIn action, because essentially the filter you have created is making every action require authorisation to 'view'. 您基本上需要将[AllowAnonymous]属性添加到SignIn操作中,因为您创建的过滤器实际上是要求每个操作都需要授权才能“查看”。

Taken from AllowAnonymous attribute information 取自AllowAnonymous属性信息

"...in ASP.NET MVC 4, it's baked in. By baked in, I mean that: There's a built-in AllowAnonymousAttribute in the the System.Web.Mvc namespace which whitelists actions for anonymous access." “ ...在ASP.NET MVC 4中,它已经被烘焙了。烘焙后,我的意思是:System.Web.Mvc命名空间中有一个内置的AllowAnonymousAttribute,它将匿名访问的操作列入白名单。”

Taken from Global action filters information 取自全局动作过滤器信息

"ASP.NET MVC 3.0 introduces global action filters - an easy way to apply an action filter to every action in an MVC application." “ ASP.NET MVC 3.0引入了全局动作过滤器-一种将动作过滤器应用于MVC应用程序中每个动作的简便方法。” 

[AllowAnonymous]
public ActionResult SignIn() {
}

解决方案3
 0  2014-12-11 11:42:40

You've added a global attribute. 您已经添加了全局属性。 You need to append an attribute [AllowAnonymous] to the ones you want to not have the rule applied; 您需要在不想应用规则的属性上附加[AllowAnonymous]属性; 

  [AllowAnonymous]
  public ActionResult Home() {
    // ...
  }

解决方案4
 0  2014-12-11 11:46:35

Becasue you add AuthorizeAttribute to global filter. 请将AuthorizeAttribute添加到全局过滤器。 When you no authorized and access all action will redirect to "~/User/SignIn", But the action mapping "~/User/SignIn" also need you authorized. 当你没有授权和访问时,所有动作都会重定向到“〜/ User / SignIn”,但动作映射“〜/ User / SignIn”也需要你授权。 You can try this: 你可以试试这个: 

public class NoNeedAuthorizeAttribute : Attribute
{ 
}

And inherit AuthorizeAttribute override OnAuthorization method, If a action has NoNeedAuthorize attribute then ignore: 并继承AuthorizeAttribute重写OnAuthorization方法,如果操作具有NoNeedAuthorize属性,则忽略: 

public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (!filterContext.ActionDescriptor.GetCustomAttributes(typeof(NoNeedAuthorizeAttribute), true).Any())
    {
        base.OnAuthorization(filterContext);
    }
}

Add the NoNeedAuthorizeAttribute to your SignIn action: NoNeedAuthorizeAttribute添加到您的SignIn操作中: 

public class UserController : Controller
{
    [NoNeedAuthorize]
    public ActionResult SignIn() 
    {
        //Sign in code..
    }
}

Finally, add 'GlobalAuthorizeAttribute' to globle filter: 最后,将'GlobalAuthorizeAttribute'添加到全局过滤器: 

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
     filters.Add(new HandleErrorAttribute());
     filters.Add(new GlobalAuthorizeAttribute());
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Asp.net Mvc 5,两个帐户控制器和一个区域,但重定向到错误的登录页面 - Asp.net Mvc 5, two account controller and Area but redirect to wrong login page 在 Asp.net 核心 mvc 中登录后重定向到同一页面 - Redirect to same page after Login in Asp.net core mvc ASP.NET MVC4重定向到登录页面 - ASP.NET MVC4 Redirect to login page 在asp.net mvc中注册成功后用户名自动填写登录页面(重定向到登录) - Username auto fill in Login Page after Register success (Redirect to Login) in asp.net mvc 如何在 .ASP.NET Core MVC 中使用多个登录页面和未经授权的用户重定向不同的登录页面 - How to use multiple login pages in .ASP.NET Core MVC and unauthorized user redirect different login page 默认登录asp.net MVC3重定向到错误的视图。 这个在哪里? - Default Login asp.net MVC3 redirect to wrong view. Where is this set? ASP.NET MVC 4-登录主页 - ASP.NET MVC 4 - Login on home page 带有 ASP.NET 内核 (MVC) 的登录页面 - Login Page with ASP.NET Core (MVC) C#-Asp.net MVC主页/索引页面重定向到登录页面 - C# -Asp.net MVC Home/Index page redirect to login page ASP.NET MVC5 WebAPI2防止未经授权的重定向到登录页面 - ASP.NET MVC5 WebAPI2 Prevent Unauthorized Redirect to Login Page
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM