Cha*_*son 10 asp.net-mvc forms-authentication hangfire
我在我的MVC网络应用程序中运行HangFire,但每当我尝试导航到http:// MyApp/hangfire时,它会将我重定向到我的应用程序的登录页面,就好像我没有登录一样.
我没有明确配置任何授权要求...例如我在web.config中有以下内容,但后来试图让它工作.
<location path="hangfire">
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
理论上,这就是我想要的,当我登录我的主Web应用程序时,我将以Administrator角色登录,因此该规则应该有效.
但是,无论我是否在web.config中配置了它,每当我尝试导航到http:// MyApp/hangfire时,它都会将我重定向到我在web.config中配置的应用程序登录页面:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="960" />
</authentication>
当我发布到我的主机时,它不会在我的本地计算机上执行此操作.HangFire是否无法识别我的主应用程序在登录时提供的身份验证Cookie?我一般认为,hangfire应用程序不需要身份验证,那么其他配置可能会认为它有什么作用?
更新1:
我根据hangfire文档添加了授权过滤器,但同样的事情发生了.这是我在Startup.cs中的代码:
using Hangfire;
using Hangfire.Logging;
using Hangfire.Dashboard;
using Hangfire.SqlServer;
using Microsoft.Owin;
using OTIS.Web.AppCode;
using OTISScheduler.AppServ;
using Owin;
using System.Web.Security;
[assembly: OwinStartup(typeof(OTIS.Web.App_Start.Startup))]
namespace OTIS.Web.App_Start
{
public class Startup
{
public void Configuration(IAppBuilder app) {
app.UseHangfire(config => {
config.UseSqlServerStorage("DefaultConnection");
config.UseServer();
//Dashboard authorization
config.UseAuthorizationFilters(new AuthorizationFilter
{
Users = "USERA", // allow only specified users (comma delimited list)
Roles = "Account Administrator, Administrator" // allow only specified roles(comma delimited list)
});
});
LogProvider.SetCurrentLogProvider(new StubLogProviderForHangfire());
GlobalJobFilters.Filters.Add(new AutomaticRetryAttribute { Attempts = 0 });
var scheduleTasksInitializer = new ScheduleTasksInitializer();
scheduleTasksInitializer.ScheduleTasks();
}
}
}
更新2:
根据显示基本身份验证的更详细说明,我也试过了......仍然没有运气..将我转到我的应用程序的登录页面.
config.UseAuthorizationFilters(
new BasicAuthAuthorizationFilter(
new BasicAuthAuthorizationFilterOptions
{
// Require secure connection for dashboard
RequireSsl = false,
SslRedirect = false,
// Case sensitive login checking
LoginCaseSensitive = true,
// Users
Users = new[]
{
new BasicAuthAuthorizationUser
{
Login = "MyLogin",
// Password as plain text
PasswordClear = "MyPwd"
}
}
}));
Bar*_*ris 26
使用较新的版本IDashboardAuthorizationFilter.使用using语句,它将如下所示:
using System.Web;
using Hangfire.Annotations;
using Hangfire.Dashboard;
namespace Scheduler.Hangfire
{
public class HangFireAuthorizationFilter : IDashboardAuthorizationFilter
{
public bool Authorize([NotNull] DashboardContext context)
{
//can add some more logic here...
return HttpContext.Current.User.Identity.IsAuthenticated;
}
}
}
然后在配置部分:
app.UseHangfireDashboard("/jobs", new DashboardOptions()
{
Authorization = new [] {new HangFireAuthorizationFilter()}
});
Cha*_*son 11
终于搞定了.我创建了自己的AuthorizationFilter类(见下文).然后我将它传递给Startup.cs配置方法中的MapHangfireDashboard方法(见下文)
public class HangFireAuthorizationFilter : IAuthorizationFilter
{
public bool Authorize(IDictionary<string, object> owinEnvironment)
{
bool boolAuthorizeCurrentUserToAccessHangFireDashboard = false;
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if(HttpContext.Current.User.IsInRole("Account Administrator"))
boolAuthorizeCurrentUserToAccessHangFireDashboard = true;
}
return boolAuthorizeCurrentUserToAccessHangFireDashboard;
}
}
要将hangfire映射到自定义URL并指定要使用的AuthorizationFilter:
public void Configuration(IAppBuilder app) {
//Get from web.config to determine to fire up hangfire scheduler or not
app.UseHangfire(config => {
config.UseSqlServerStorage("DefaultConnection");
config.UseServer();
});
//map hangfire to a url and specify the authorization filter to use to allow access
app.MapHangfireDashboard("/Admin/jobs", new[] { new HangFireAuthorizationFilter() });
}
| 归档时间: |
|
| 查看次数: |
16081 次 |
| 最近记录: |