OWIN身份角色在本地工作,但是当我在远程IIS服务器上发布/运行相同的代码时似乎消失了
[英]OWIN identity roles work locally, but seem to disappear when I publish/run the same code on a remote IIS server
问题描述
Using an OWIN AuthenticationHandler within an MVC site, I sign in a user as follows: 
使用MVC站点内的OWIN AuthenticationHandler ,我以如下方式登录用户:
var claims = new List<Claim> { new Claim(ClaimTypes.Role, UIRoles.PowerUser) };
var identity = session.ToClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie, claims);
Context.Authentication.SignIn(identity);
At some point at a later time, I check that the user is a PowerUser : 在以后的某个时间,我检查用户是否为PowerUser :
User.Identity.HasRole(UIRoles.PowerUser)
This works on my local IIS, but once I publish it on a remote IIS machine, it always returns False when I try to check if the user is a PowerUser . 这适用于我的本地IIS,但是一旦将其发布到远程IIS计算机上,当我尝试检查用户是否为PowerUser时,它始终返回False 。 Why could this happen? 为什么会发生这种情况? Am I missing something from, say, the IIS server's configuration or within the remote machine's web.config ? 我是否从IIS服务器的配置中或远程计算机的web.config丢失了某些内容?
1 个解决方案
解决方案1
1 已采纳 2015-12-31 15:42:32
I found the cause. 我找到了原因。 It is a bit silly. 这有点傻。 I was reissuing cookies when I wanted to renew the user's session and the problem was that the SessionInfo object I was renewing these cookies to were being replaced with another SessionInfo object without any extra claims: 当我想续订用户的会话时,我正在重新发布cookie,问题是我更新这些cookie的SessionInfo对象被另一个SessionInfo对象替换,而没有任何额外的要求:
session.ToClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie);
This was wiping the extra claim of UIRoles.PowerUser from the original cookie for me. 对于我来说,这消除了UIRoles.PowerUser从原始cookie的额外要求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.