Custom principal displays Forbidden on Authorize Filter attribute ASP.Net Core 6 MVC

The application is an ASP.NET Core 6 MVC app and uses Windows authentication. Currently I have a ClaimsTransformation like this:

public class ClaimsTransformation : IClaimsTransformation
{
    private readonly IHttpContextAccessor _httpContextAccessor;
    private readonly IAuthenticationService _authenticationService;

    public ClaimsTransformation(IHttpContextAccessor accessor, IAuthenticationService authenticationService)
    {
        _httpContextAccessor = accessor;
        _authenticationService = authenticationService;
    }

    public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        if (principal != null && principal.Identity != null && !principal.Identity.IsAuthenticated)
            return principal;

        var clonedPrincipal = principal.Clone();
        var clonedClaims = clonedPrincipal.Claims.ToList();
        var clonedIdentity = clonedPrincipal.Identity;

        var customPrincipal = _authenticationService.WindowsAuthenticate(clonedIdentity);
        var customIdentity = (ClaimsIdentity)customPrincipal.Identity;

        foreach (var claim in clonedClaims)
        {
            customIdentity.AddClaim(claim);
        }

        _httpContextAccessor.HttpContext.User = customPrincipal;
        Thread.CurrentPrincipal = _httpContextAccessor.HttpContext.User;

        return await Task.FromResult(customPrincipal);
    }
}

However, when it reaches the controller which has an [Authorize] attribute, it displays an HTTP 403 error. Kindly suggest. Thanks

1. Create the ClaimsTransformation in our application.

2. Register it in the startup file.

    Startup.cs (.NET Core <= 5.0):

    services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

    Program.cs (.NET Core >= 6.0):

    builder.Services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

3. Set the policy.

   // .NET Core <= 5.0
   services.AddAuthorization(options =>
   {
       options.AddPolicy("Readonly", policy =>
                      policy.RequireClaim("permission", "readOnly"));

       options.AddPolicy("Write", policy =>
                    policy.RequireClaim("permission", "write"));
   });

   // .NET Core >= 6.0
   builder.Services.AddAuthorization(options =>
   {
       options.AddPolicy("Readonly", policy =>
                      policy.RequireClaim("permission", "readOnly"));

       options.AddPolicy("Write", policy =>
                    policy.RequireClaim("permission", "write"));
   });

4. Use it in the controller.

   [Authorize(Policy = "Write")]
   public IActionResult Contact()
   {
       ...
   }
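
One possible shape for the transformer from step 1, written so that it supplies the "permission" claims that the "Readonly" and "Write" policies require. This is an added example, not code from the question or the answer; the group names and the "AppPermissions" authentication type are assumptions.

```csharp
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;

// Added example: maps Windows group membership to the "permission" claims
// checked by the policies. Group names are hypothetical placeholders.
public class ClaimsTransformer : IClaimsTransformation
{
    private const string PermissionType = "permission";
    private const string WriterGroup = @"EXAMPLE\AppWriters"; // hypothetical
    private const string ReaderGroup = @"EXAMPLE\AppReaders"; // hypothetical

    public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        // Leave anonymous principals untouched.
        if (principal.Identity?.IsAuthenticated != true)
            return Task.FromResult(principal);

        // TransformAsync can run more than once per request,
        // so skip the work if the claims were already added.
        if (principal.HasClaim(c => c.Type == PermissionType))
            return Task.FromResult(principal);

        // Passing an authentication type makes IsAuthenticated true on the
        // new identity; an identity built without one counts as unauthenticated.
        var appIdentity = new ClaimsIdentity(authenticationType: "AppPermissions");

        bool canWrite = principal.IsInRole(WriterGroup);
        if (canWrite)
            appIdentity.AddClaim(new Claim(PermissionType, "write"));
        if (canWrite || principal.IsInRole(ReaderGroup))
            appIdentity.AddClaim(new Claim(PermissionType, "readOnly"));

        // Extend the principal produced by the authentication handler
        // instead of replacing it, so the Windows identity is preserved.
        principal.AddIdentity(appIdentity);
        return Task.FromResult(principal);
    }
}
```

A user in neither group stays authenticated but holds no "permission" claim, so both policies deny the request.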
