
Authorize 角色在 Azure SQL 下不起作用

[英]Authorize roles not working with azure SQL

首先,這是我的控制器

/// <summary>
/// Deletes the customer with the given id.
/// </summary>
/// <remarks>
/// The Roles value is a comma-separated list, so a caller holding either of the two
/// roles is authorized. ASP.NET Core splits the list on commas, trims each name and
/// then compares it with the caller's role claims using an exact, case-sensitive
/// match. The role claim written into the JWT therefore has to equal the trimmed
/// role name character for character; any difference in case or whitespace ends in
/// 403 Forbidden for an otherwise authenticated caller.
/// </remarks>
/// <param name="id">Identifier of the customer to delete.</param>
/// <returns>
/// 404 with <c>Utilities.NoData</c> when the lookup returns null, otherwise 200 with
/// <c>Utilities.DataDeleted</c> after the delete call.
/// </returns>
[HttpDelete("{id}")]
[Authorize(Roles = Utilities.BusinessHead + "," + Utilities.DeliveryHeadNoida)]
public IActionResult DeleteCustomer(int id)
{
    // Look the record up first so a missing customer is reported as 404, not as a silent success.
    var existing = _customerService.CustomerDetails(id);
    if (existing != null)
    {
        _customerService.DeleteCustomer(id);
        return Ok(Utilities.DataDeleted);
    }

    return NotFound(Utilities.NoData);
}

實用程序類包含:

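/// <summary>
/// Shared string constants: the role names used in [Authorize(Roles = ...)] attributes
/// and the messages returned by the controllers.
/// </summary>
public static class Utilities
    {

        // Role names. They are compared with the role claims of the caller by exact,
        // case-sensitive match, so each value must be identical to what the token
        // issuer writes into the role claim (and to what is stored for the user).
        public const string PmoNoida = "PMO Noida";
        public const string ApplicationAdmin = "Application Admin";
        public const string DeliveryHeadNoida = "Delivery Head Noida";
        public const string DeliveryManagerYvr = "Delivery Manager YVR";
        // No trailing space: [Authorize] trims the names it is given, so a role claim
        // built from a padded value ("Business Head ") would never match and the caller
        // would get 403 Forbidden. Check that the stored role name is unpadded as well.
        public const string BusinessHead = "Business Head";
        public const string SalesManager = "Sales Manager";

        // Response message returned after a successful delete.
        public const string DataDeleted = "Data deleted";

    }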

Startup.cs 如下:

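 /// <summary>
 /// Application bootstrap: registers the services (JWT bearer authentication, EF Core,
 /// MVC, Swagger, CORS) and builds the HTTP request pipeline.
 /// </summary>
 public class Startup
    {
        /// <summary>Application configuration supplied by the host.</summary>
        public IConfiguration Configuration { get; }

        /// <summary>Stores the configuration so ConfigureServices can read the connection string.</summary>
        /// <param name="configuration">Configuration injected by the host.</param>
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        /// <summary>
        /// This method gets called by the runtime. Use this method to add services to the container.
        /// </summary>
        /// <param name="services">Service collection the registrations are added to.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            // NOTE(review): the signing key is read from a static member of Utilities, so it
            // appears to be compiled into the assembly. Anyone who obtains it can mint tokens
            // with any role; load it from configuration or a secret store instead.
            var key = Encoding.UTF8.GetBytes(Utilities.SecretKey);
            services.AddAuthentication(auth =>
            {
                auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(jwt =>
            {
                // NOTE(review): relaxes the HTTPS requirement for the authority/metadata
                // address; this setting is meant for development environments.
                jwt.RequireHttpsMetadata = false;
                jwt.SaveToken = true;
                jwt.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(key),
                    // NOTE(review): issuer and audience are not checked, so every token signed
                    // with this key is accepted no matter who issued it or for which API.
                    // Enable both (with ValidIssuer / ValidAudience) once the token issuer
                    // stamps those claims.
                    ValidateIssuer = false,
                    ValidateAudience = false
                };
            });

            services.AddDbContext<KickOffContext>(options =>
                options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

            // Single MVC registration carrying both the compatibility version and the JSON settings.
            services.AddMvc()
                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
                .AddJsonOptions(options =>
                {
                    options.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
                });

            services.AddScoped<ICustomersService, CustomersService>();
            services.AddScoped<ICustomerRepository, CustomersRepository>();
            services.AddScoped<ILoginService, LoginService>();

            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc(Utilities.SwaggerDoc, new Info { Title = Utilities.SwaggerTitle, Version = Utilities.SwaggerVersion });
            });

            var corsBuilder = new CorsPolicyBuilder();
            corsBuilder.AllowAnyHeader();
            corsBuilder.AllowAnyMethod();
            corsBuilder.AllowAnyOrigin(); // For anyone access.
            // Credentials are deliberately not allowed. "Any origin" together with
            // credentials would let every web site make credentialed cross-origin calls,
            // and ASP.NET Core 3.0+ refuses to build such a policy. A bearer token sent in
            // the Authorization header does not need it. If cookies are ever required,
            // replace AllowAnyOrigin() with WithOrigins(...) listing the trusted sites.
            services.AddCors(options =>
            {
                options.AddPolicy(Utilities.SiteCorsPolicy, corsBuilder.Build());
            });
        }

        /// <summary>
        /// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// </summary>
        /// <param name="app">Builder the middleware is added to, in execution order.</param>
        /// <param name="env">Hosting environment, used to pick development-only middleware.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            // NOTE(review): Swagger and its UI are served in every environment, which
            // publishes the full API surface; consider limiting them to development.
            app.UseSwagger();
            app.UseSwaggerUI(c =>
            {
                c.SwaggerEndpoint(Utilities.SwaggerEndPoint, Utilities.SwaggerApiVersion);
            });

            using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>().CreateScope())
            {
                var context = serviceScope.ServiceProvider.GetRequiredService<KickOffContext>();
                // Creates the database and schema when the database does not exist yet; it
                // does not run migrations. NOTE(review): a database created this way holds
                // only what the model seeds, so role and user rows can differ between a
                // local instance and a freshly created cloud database - verify the data.
                context.Database.EnsureCreated();
            }

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();

            // Middleware runs in registration order and MVC ends the pipeline for every
            // request it handles, so status-code pages and CORS have to be registered
            // before UseMvc to take part in those responses.
            app.UseStatusCodePages();
            app.UseCors(Utilities.SiteCorsPolicy);
            app.UseAuthentication();
            app.UseMvc();
        }
    }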

嘗試刪除具有角色的用戶時遇到問題:
當我使用Azure SQL數據庫時,“Business Head”角色的請求會返回"403 Forbidden"。
但是,當我使用SQL Server Express時,一切正常。
為什么它不能與Azure SQL一起使用?

將此代碼添加到web.config可能會解決此問題。

<!-- Removes the IIS module registered under the name "RoleManager" from this application's
     module pipeline.
     NOTE(review): "RoleManager" is the classic ASP.NET role manager module; whether it has
     any effect on [Authorize(Roles = ...)] checks made against JWT role claims in an
     ASP.NET Core app is not shown here - confirm before relying on this as the fix. -->
<system.webServer>
    <modules>
        <remove name="RoleManager" />
    </modules>
</system.webServer>

