授权(角色=“管理员”)不起作用
[英]Authorize(Roles=“Admin”) does not work
问题描述
I'm writing ASP.NET application with Identity as authorization engine. 
我正在使用Identity作为授权引擎编写ASP.NET应用程序。 I wrote my custom user and role stores and they seem to work correctly. 我编写了自定义用户和角色存储,它们似乎正常工作。 However, for some unknown reason, attempt to use Authorize with role on controller's action fails and redirects to Home/Index . 但是,由于某些未知原因,尝试在控制器操作上使用Authorize with role失败并重定向到Home/Index 。 The action looks like following: 该操作如下所示:
[Authorize(Roles = "Admin")]
public ActionResult Manage()
{
return View();
}
The redirection is being done silently, so I cannot hook debugger anywhere (especially that action filtering is being done before running action). 重定向是以静默方式完成的,因此我无法将调试器挂钩到任何地方(尤其是在运行操作之前正在执行动作过滤)。
I guess this may not be enough to diagnose the problem, so just tell me in comments, what additional information do you need and I'll edit the question. 我想这可能不足以诊断问题,所以请在评论中告诉我,您需要哪些其他信息,我将编辑问题。
Why doesn't it work? 为什么不起作用?
Edit : Configuration in Startup.cs 编辑 :Startup.cs中的配置
public void Configuration(IAppBuilder app)
{
DataProtectionProvider = app.GetDataProtectionProvider();
app.CreatePerOwinContext<ApplicationUserManager>(() => DependencyResolver.Current.GetService<ApplicationUserManager>());
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "ApplicationCookie",
LoginPath = new PathString("/Account/Login")
});
}
Edit: Another action: 编辑:另一个动作:
[AllowAnonymous]
public async Task<ActionResult> Index()
{
// This returns FALSE
if (User.IsInRole("Admin"))
System.Diagnostics.Debug.WriteLine("Ok");
var userManager = UnityConfig.Container.Resolve<ApplicationUserManager>();
// This returns TRUE
if (await userManager.IsInRoleAsync(User.Identity.GetUserId<int>(), "Admin"))
System.Diagnostics.Debug.WriteLine("Ok");
return View();
}
1 个解决方案
解决方案1
3 已采纳 2016-01-16 19:24:15
A couple of things to check: 要检查的几件事:
- What is the login page set to? 登录页面设置为什么? I'm guessing you are either unauthenticated or unauthorized, and MVC is sending you to the login page (which is probably set or defaulted to "/" 我猜你是未经身份验证或未经授权,MVC正在将你发送到登录页面(可能已设置或默认为“/”
- If you are sure you are logged in (authenticated), double check that your user does indeed have the admin role (is authorized). 如果您确定已登录(已通过身份验证),请仔细检查您的用户是否确实具有管理员角色(已获得授权)。
- I believe the user store has a method you can override to see what's returned for the user's roles. 我相信用户商店有一个方法可以覆盖,看看为用户的角色返回了什么。 It's probably worth setting a breakpoint there and see what's going on. 可能值得在那里设置一个断点,看看发生了什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.