[英]How to write my own AuthorizeTag?
I ditching asp.net membership so I am guessing I need my own authorize tags(correct me if I am wrong). 我放弃了asp.net成员资格,所以我猜测我需要自己的授权标签(如果我输入错了,请更正我)。 Since probably the ones they have all point to the membership classes(Not sure how to verify this though).
由于它们可能全部都指向成员资格类(不过,不确定如何验证)。
Now I tried to do this 现在我尝试这样做
public class MyTest : AuthorizeAttribute { 公共类MyTest:AuthorizeAttribute {
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null) throw new ArgumentNullException("httpContext");
// Make sure the user is authenticated.
if (httpContext.User.Identity.IsAuthenticated == false)
{
return false;
}
else
{
return false;
}
}
} }
I then in my defautl view I have this. 然后,在我的默认视图中,我有了这个。
FormsAuthentication.SetAuthCookie("xiao", true); FormsAuthentication.SetAuthCookie(“ xiao”,true);
I then have on another view 然后我有另一种看法
[MyTest()] public ActionResult About() { return View(); [MyTest()] public ActionResult About(){return View(); }
}
I then go to this view and I am still able to access it. 然后,我转到此视图,但仍然可以访问它。 I see that it puts this in the url
我看到它把它放在URL中
"LogOn?ReturnUrl=%2fHome%2fAbout"
but bottom line it is I still can see the page(and all the content). 但最重要的是,我仍然可以看到该页面(以及所有内容)。 When I should see just at the very least your not authorized or something like that.
当我至少应该看到您的未授权或类似的内容时。
what am I doing wrong? 我究竟做错了什么?
Thanks 谢谢
Ok it seems to work now but I still don't know how to pass in roles. 好的,现在似乎可以了,但我仍然不知道该如何担任角色。
您可以实施自定义成员资格提供程序 ,从而省去了很多麻烦。
自定义角色提供者也将有所帮助...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.