Fluent Security Custom Policy
Question
I am using Fluent Security in a MVC5 application. I Created a custom policy called RequirePortalRole(). For testing purposes i and always returning a success.
My security configuration is as follows
configuration.ForAllControllers().DenyAnonymousAccess();
configuration.For<AccountController>(x => x.LogOn()).Ignore();
configuration.For<HomeController>().AddPolicy(new RequirePortalRole());
Since RequiredPortalRole() Always returns PolicyResult.CreateSuccessResult(this); i would expect that i could access anything on the home controller but nothing else except for the LogOn action in the Account Controller. The custom policy does not appear to be over riding the ForAllController policy.
Any idea why not? Am i actually applying two polices to the HomeController ?
1 answers
solution1
2 2014-03-14 13:17:33
Policies are added and everyone of them is enforced for every request. I think that if you want to access everything on HomeController you should explicity remove the policy:
configuration.For<HomeController>()
.RemovePolicy<DenyAnonymousAccessPolicy>()
.AddPolicy<RequirePortalRole>();
I hope I got your question right.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.