堆栈内存溢出
  繁体   English   中英

ASP.net MVC 4中基于角色的授权

[英]Role based Authorization in ASP.net MVC 4

 原文  2015-12-13 20:53:57       asp.net/ asp.net-mvc/ roles/ authorize

问题描述

我正在努力在ASP.net中创建角色系统。 现在它可以正常工作,因为我可以将角色与用户相关联

如您所见。

AspNetUserRoles

现在,我的问题是我应该怎么做才能使基于角色的访问工作。 因为这不起作用。 它以超级管理员的身份将我发送回登录页面 

 [Authorize(Roles = "Superadmin")]
    public ActionResult Upload()
    {
        return View();
    }

Web.config 

    <?xml version="1.0" encoding="utf-8"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=301880
  -->
<configuration>
  <configSections>
    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
  </configSections>
  <connectionStrings>
    <!--<add name="MyConString" connectionString="server=JENSJONKMAN\SQLEXPRESS; database=JensGoesASP; integrated security=true;"/>-->
    <add name="DefaultConnection" connectionString="Data Source=JENSJONKMAN\SQLEXPRESS;     Initial Catalog=JensGoesASP;Integrated Security=True" providerName="System.Data.SqlClient" />
    <add name="JensGoesASPEntities" connectionString="metadata=res://*/ImageModel.csdl|res://*/ImageModel.ssdl|res://*/ImageModel.msl;provider=System.Data.SqlClient;provider connection string=&quot;data source=JENSJONKMAN\SQLEXPRESS;initial catalog=JensGoesASP;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework&quot;" providerName="System.Data.EntityClient" />
  </connectionStrings>
  <appSettings>
    <add key="webpages:Version" value="3.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
  </appSettings>
  <system.web>
    <authentication mode="None" />
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
  </system.web>
  <system.webServer>
    <modules>
      <remove name="FormsAuthenticationModule" />
    </modules>
  </system.webServer>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
  <entityFramework>
    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
    <providers>
      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
    </providers>
  </entityFramework>
</configuration>

我希望有一个人可以帮助我。

格蕾兹

1 个解决方案

解决方案1
 0 已采纳  2015-12-15 08:10:22

您需要在Global.asax文件的UserPrincipal中添加角色 

protected void Application_AuthenticateRequest(Object sender, EventArgs e) 
{  
    HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];

    if (authCookie != null) 
    {
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
        // Read the roles from cookie
        string[] roles = authTicket.UserData.Split(new Char[] { ',' });

        GenericPrincipal userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
        Context.User = userPrincipal;
    }
}

创建自定义的Authorize属性并覆盖OnAuthorization方法 

public override void OnAuthorization(AuthorizationContext filterContext)
{
    // Check if the user is authorized to access else redirect to unauthorized page
    base.OnAuthorization(filterContext);
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 基于站点/ URL的ASP.NET MVC角色授权 ASP.NET MVC 4中的身份验证和角色授权 ASP.NET中基于角色的授权 在ASP.NET MVC Web API服务和MVC客户端体系结构中实现身份验证和基于角色的授权 Asp.net 核心 mvc 基于角色的授权与 Azure AD ASP.NET Core 3.1 MVC 访问被拒绝基于角色的授权 - 与自定义 UserClaimsPrincipalFactory 冲突 基于角色的Asp.net MVC应用 ASP.NET MVC 3中基于角色的访问 ASP.NET MVC4授权取决于角色和信息 基于控件asp.net的角色授权配置
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM