[英]ASP.NET Set User Identity and IsAuthenticated = true
I have an ASP.NET MVC application that must only be accessed by users that are logged in. 我有一个ASP.NET MVC应用程序,只能由已登录的用户访问。
We are implementing PingAccess and PingFederate that intercepts traffic to our application and forces the user to log in before it even hits our application. 我们正在实现PingAccess和PingFederate,它们拦截到我们应用程序的流量,并迫使用户在其未到达我们的应用程序之前就登录。
Once authenticated PingAccess sets a cookie containing a JWT token and I can read this inside an MVC controller and abstract the claims (sample below) but I need to be able to set the User.Identity object and ensure that IsAuthenticated is true so that I can use the standard Authorize attribute on all of our controllers. 一旦通过身份验证,PingAccess会设置一个包含JWT令牌的cookie,我可以在MVC控制器中读取它并提取声明(下面的示例),但是我需要能够设置User.Identity对象并确保IsAuthenticated为true,以便我可以在我们所有的控制器上使用标准的Authorize属性。
var cookie = this.Request.Cookies.Get("PA.mycookie");
var jwtTokenString = cookie.Value;
var jwtToken = new JwtSecurityToken(jwtTokenString);
var claims = jwtToken.Claims;
Could anyone point me in the right direction? 有人能指出我正确的方向吗?
Many thanks 非常感谢
If the goal of going after the User.Identity object and the IsAuthenticated attribute is just to ensure that your Authorize attribute works, then the way to do that via jwt tokens requires some setup in Startup.cs via ConfigureOAuthTokenConsumption. 如果追求User.Identity对象和IsAuthenticated属性的目的只是为了确保您的Authorize属性有效,则通过jwt令牌进行此操作的方法需要通过ConfigureOAuthTokenConsumption在Startup.cs中进行一些设置。 The second answer in this post has some example code that may set you on the right track: How to use JWT in MVC application for authentication and authorization? 这篇文章的第二个答案提供了一些示例代码,这些示例代码可能会让您走上正轨: 如何在MVC应用程序中使用JWT进行身份验证和授权? . 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.