使用表单身份验证时ASP.NET MVC 3错误
[英]ASP.NET MVC 3 error when using forms authentication
问题描述
I'm using forms authentication for my MVC 3 application. 
我正在为MVC 3应用程序使用表单身份验证。 I've added this line in my configuration: 我在配置中添加了以下行:
<authorization>
<allow roles="Administrator"/>
<deny users="*"/>
</authorization>
When i run the application (on my local box) I get the errors listed below and none of the CSS styles come through. 当我运行应用程序(在我的本地机器上)时,出现以下错误,并且CSS样式均未通过。 But when I log-in, everything looks fine. 但是,当我登录时,一切看起来都很好。 So I guess I have a couple of questions: 所以我想我有几个问题:
- Is it best practice to add the authorization rules in the web.config or should I add it to the [Authorize] attribute within the controller. 是在web.config中添加授权规则的最佳实践,还是我应该将其添加到控制器中的[Authorize]属性。
- I only get the errors listed below when I add the authorization rules in the web.config. 在web.config中添加授权规则时,只会出现下面列出的错误。 What am i missing? 我想念什么?
Help would be appreciated. 帮助将不胜感激。 Thank you. 谢谢。
ps I'm using Internet Explorer 8 ps我正在使用Internet Explorer 8
Webpage error details
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727; InfoPath.2; .NET4.0C; .NET4.0E; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Timestamp: Fri, 13 May 2011 15:48:19 UTC
Message: Syntax error Line: 1 Char: 1 Code: 0 URI: http://localhost:1361/Account/LogOn?ReturnUrl=%2fScripts%2fjquery-1.4.4.min.js
Message: Syntax error Line: 1 Char: 1 Code: 0 URI: http://localhost:1361/Account/LogOn?ReturnUrl=%2fScripts%2fjquery.validate.min.js
Message: Syntax error Line: 1 Char: 1 Code: 0 URI: http://localhost:1361/Account/LogOn?ReturnUrl=%2fScripts%2fjquery.validate.unobtrusive.min.js
2 个解决方案
解决方案1
2 已采纳 2011-05-13 16:40:51
In your web.config, you are restricting access to everyone but administrators in all cases. 在您的web.config中,在所有情况下,您都将限制除管理员之外的所有人访问。 Check out this link to give you more options on what you can do. 查看此链接可为您提供更多选择。 (like allowing access to specific folders) (例如允许访问特定的文件夹)
http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx
解决方案2
1 2011-05-13 16:43:04
The problem is, as you seem to have guessed, that the CSS files are protected by your authorization rules. 就像您似乎已经猜到的那样,问题是CSS文件受您的授权规则保护。 The reason that this differs between applying the rules in web.config and applying via Authorize attributes, is that since the MVC framework doesn't send requests for files that exist on disc via your controllers, the requests for the CSS files (which exist on disc) never see the attribute. 在web.config应用规则与通过Authorize属性应用之间有所不同的原因是,由于MVC框架不会通过控制器发送对磁盘上存在的文件的请求,因此对CSS文件(位于光盘)永远看不到该属性。 They do, however, see the authorization rules in web.config . 但是,它们确实在web.config看到了授权规则。
There are a couple of ways you can solve this. 有两种方法可以解决此问题。 Either one will work fine. 任何一种都可以正常工作。
- Use the
<location>tag to allow any users to request your CSS files.使用<location>标记允许任何用户请求您的CSS文件。 - Skip authorization in
web.configand use theAuthorizeattribute instead.跳过web.config的Authorize而是使用Authorize属性。 If you do this, you can apply the attribute globally inglobal.asax.csso you won't have to remember doing it on every controller.如果执行此操作,则可以在global.asax.cs全局应用该属性 ,这样您就不必记住在每个控制器上都使用它了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.