[英]Exception “Security has not been configured for controller” is thrown when ActionNameSelectorAttribute is used
在控制器的動作上使用ActionNameSelectorAttribute時, FluentSecurity出現問題。
public static void Configure()
{
var applicationConfiguration = DependencyResolver.Current.GetService<IApplicationConfiguration>();
var superUserGroupName = applicationConfiguration.GetSuperUserGroupName();
var userGroupName = applicationConfiguration.GetUserGroupName();
var securityConfiguration = SecurityConfigurator.Configure(configuration =>
{
configuration.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated);
configuration.GetRolesFrom(System.Web.Security.Roles.GetRolesForUser);
configuration.ForAllControllers().DenyAnonymousAccess().CachePerHttpRequest();
configuration.ForAllControllers().RequireAnyRole(superUserGroupName).CachePerHttpRequest();
configuration.For<Elmah.Mvc.ElmahController>().RequireAnyRole(userGroupName).CachePerHttpRequest();
configuration.ApplyProfile<ProjectSecurityProfile>();
configuration.ApplyProfile<ProjectsSecurityProfile>();
configuration.ApplyProfile<RewecoSecurityProfile>();
configuration.DefaultPolicyViolationHandlerIs(() => new HttpUnauthorizedPolicyViolationHandler());
});
securityConfiguration.AssertAllActionsAreConfigured();
}
當我使用AssertAllActionsAreConfigured在上述配置下運行應用程序時,一切似乎都是正確的,沒有例外。 但只要我打電話的動作方法ActualHoursAssignmentController其中HttpParamAction使用,這是從繼承的類ActionNameSelectorAttribute我得到的異常。
尚未為控制器PDATA.Web.Controllers.ActualHoursAssignmentController配置安全性,操作ActionChoiceByNameAttributeValue區域:(未設置)控制器:ActualHoursAssignment操作:ActionChoiceByNameAttributeValue
public class HttpParamActionAttribute : ActionNameSelectorAttribute
{
public static string ActionChoiceByNameAttributeValue
{
get { return "ActionChoiceByNameAttributeValue"; }
}
public override bool IsValidName([NotNull] ControllerContext controllerContext,
[NotNull] string actionName, [NotNull] MethodInfo methodInfo)
{
if (controllerContext == null)
{
throw new ArgumentNullException("controllerContext");
}
if (actionName == null)
{
throw new ArgumentNullException("actionName");
}
if (methodInfo == null)
{
throw new ArgumentNullException("methodInfo");
}
if (String.IsNullOrWhiteSpace(actionName))
{
throw new ArgumentException("actionName");
}
if (String.IsNullOrWhiteSpace(methodInfo.Name))
{
throw new ArgumentException("methodInfo.Name");
}
if (actionName.Equals(methodInfo.Name, StringComparison.InvariantCultureIgnoreCase))
return true;
if (!actionName.Equals(ActionChoiceByNameAttributeValue, StringComparison.InvariantCultureIgnoreCase))
return false;
var request = controllerContext.RequestContext.HttpContext.Request;
return request[methodInfo.Name] != null;
}
}
HttpParamAction屬性在ActualHoursAssignmentController中的ActualHoursAssignmentController
public class ActualHoursAssignmentController : PdataBaseController
{
[HttpParamAction]
[HttpPost]
public ActionResult UpdateAssignment(ActualHoursAssignmentViewModel vm)
{
}
[HttpParamAction]
[HttpPost]
public ActionResult DeleteAssignment(ActualHoursAssignmentViewModel vm)
{
}
}
更新:因為找不到解決方案,所以暫時消除了HttpParamActionAttribute的用法。 取而代之的是,我使用這種解決方案在一個Form中調用多個按鈕,但是問題仍然存在,也許是一個錯誤。
似乎在較舊版本的FluentSecurity中存在支持Controller繼承的問題,請參見:
在已部署的SSIS包中使用HtmlAgilityPack異常已被拋出
[英]HtmlAgilityPack exception has been thrown when used in deployed SSIS package
創建控制器時“調用目標已拋出異常”(ASP.NET MVC 5 with MySql)
[英]“Exception has been thrown by target of invocation” when creating controller (ASP.NET MVC 5 with MySql)
使用Tesseract ocr時,調用目標拋出了異常
[英]Exception has been thrown by the target of an invocation when using Tesseract ocr
Azure MobileServiceInvalidOperation已拋出異常
[英]Azure MobileServiceInvalidOperation Exception has been thrown
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.