我想修改默认Web应用程序模板以使用Cookie身份验证而不是身份验证.所以这就是我做的:
1 /删除任何涉及身份的内容
2 /请遵循本指南https://docs.asp.net/en/latest/security/authentication/cookie.html
问题
当我尝试访问受限资源(/ Home/Secret)时,我被重定向到Login page => 正确的行为.
我输入电子邮件/密码并提交=> cookie命名.AspNet.MyCookieMiddlewareInstance在client => 正确的行为中创建.
然后我被重定向到Account/AccessDenied而不是/ Home/Secret.哪里/帐号/存取遭拒从何而来?
我似乎无法弄明白.你能帮帮我吗?
谢谢
我有同样的问题.经过一些研究和调整后,它有效......现在我认为问题如下.起初,我将校长构建如下
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(myclaims));
但实际上应该是这样的
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(myclaims, "MyCookieMiddlewareInstance"));
现在必须设置此字符串"MyCookieMiddlewareInstance".
这也是完整的配置和控制器:
在Startup.cs中
public void Configure(IApplicationBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "MyCookieMiddlewareInstance",
LoginPath = new PathString("/Auth/Login"),
AccessDeniedPath = new PathString("/Auth/Denied"),
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseMvc(routes =>
{
routes.MapRoute(
"default",
"{controller=Home}/{action=Index}/{id?}");
});
}
然后在AuthController.cs中
[HttpPost]
public ActionResult Login(LoginModel model)
{
if (model.Username == "test" && model.Password == "pass")
{
var myclaims = new List<Claim>(new Claim[] { new Claim("Id", "SOME USER ID FROM SOMEWHERE!!") });
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(myclaims, "MyCookieMiddlewareInstance"));
HttpContext.Authentication.SignInAsync("MyCookieMiddlewareInstance", claimsPrincipal).Wait();
return RedirectToAction("Index", "Home");
}
return View(new LoginModel());
}
希望这有助于即使它有点晚.
| 归档时间: |
|
| 查看次数: |
1963 次 |
| 最近记录: |