[英]ASP.Net Membership principalpermission issues
I'm running into an issue with the PrinciplePermissionAttribute
causing exceptions. 我遇到了导致异常的
PrinciplePermissionAttribute
的问题。 Any pages where I have the attribute on the Load
method throw an exception immediately after initial login. 我在
Load
方法上具有属性的任何页面在初始登录后立即抛出异常。
<PrincipalePermission(SecurityAction.Demand, role:="Level1")> _
Protected Sub Page_Load(ByVal sender As Object, ByVal e as System.EventArgs) Handles Me.Load
End Sub
This throws the exception Request for principal permission failed
. 这会抛出异常
Request for principal permission failed
。
If I remove this the page loads fine and I can navigate to another page that does have this same attribute and it works flawlessly. 如果我删除它,页面加载正常,我可以导航到另一个具有相同属性的页面,它可以完美地工作。 Also if I use the Membership systems
Roles.IsUserInRole()
function I do not have an issue. 此外,如果我使用Membership系统
Roles.IsUserInRole()
函数,我没有问题。
I have noticed that after initial login that my Thread.CurrentPrincipal
is of type GenericPrincipal
and not the RolePrincipal
. 我注意到在初次登录后我的
Thread.CurrentPrincipal
是GenericPrincipal
类型而不是RolePrincipal
。 Subsequent requests show the correct type in place of the generic. 后续请求显示正确的类型以代替泛型。 I tried to force this in the
Global.asax
file in the PostAuthenticate
event but asp.net seems to be setting the GenericPrincipal
after this happens. 我试图在
PostAuthenticate
事件中的Global.asax
文件中强制执行此操作但是asp.net似乎在发生这种情况后设置了GenericPrincipal
。
Any ideas on how to fix this behavior or am I stuck using the Roles.IsUserInRole()
method? 有关如何解决此问题的任何想法,还是我使用
Roles.IsUserInRole()
方法?
UPDATE UPDATE
After finding some explanation into whats happening in the pipeline here I can see why changing it in the Global.asax
didn't help. 在找到对管道中发生的事情的一些解释后,我可以看到为什么在
Global.asax
更改它没有帮助。 I had a prototype project from earlier that I tested this with and I could not reproduce it there. 我之前有一个原型项目,我测试了它,我无法在那里重现它。 I do wonder if it has anything to do with the project type.
我想知道它是否与项目类型有关。 The prototype is a Web Site project and the problematic one is a Web Application project.
原型是一个Web站点项目,有问题的是Web应用程序项目。
I do think its odd that the GenericPrincipal
is changed to the RolePrincipal
but only after the initial request has processed. 我确实认为
GenericPrincipal
更改为RolePrincipal
但仅在初始请求处理完毕后才是奇怪的。 So its hard to say that its not working its like it just doesn't happen before my 'Page_Load' executes. 所以很难说它不能正常工作只是在我的'Page_Load'执行之前不会发生。
I think you are using Forms authentication... 我认为你正在使用Forms身份验证...
PrincipalPermission attribute checks Thread.CurrentPrincipal. PrincipalPermission属性检查Thread.CurrentPrincipal。 Roles.IsUserInRole() checks HttpContext.Current.User.
Roles.IsUserInRole()检查HttpContext.Current.User。 So if they are different you can correct this in Global.asax file at Application_AuthenticateRequest event.
因此,如果它们不同,您可以在Application_AuthenticateRequest事件中的Global.asax文件中更正此问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.