wxt*_*wxt 13 .net c# asp.net-web-api asp.net-core asp.net-core-3.0
asp.net core 3 允许设置FallbackPolicy以在默认情况下使端点安全:
services.AddAuthorization(options =>
{
options.FallbackPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
});
这是一个很棒的功能,但我也有一个HealthCheck端点,现在需要授权。
services.AddHealthChecks();
[...]
app.UseEndpoints(endpoints => {
endpoints.MapHealthChecks("/health");
endpoints.MapControllers();
});
如何允许匿名访问 HealthCheck 端点(无身份验证或授权)?
小智 24
我遇到了完全相同的问题,所以我希望这有助于作为一种更令人满意的实现方式:
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute().RequireAuthorization();
endpoints.MapHealthChecks("/health").WithMetadata(new AllowAnonymousAttribute());
});
从 .NET 5 开始,有一个新的更清晰的方法 -AllowAnonymous()
app.UseEndpoints(endpoints =>
{
endpoints.MapHealthChecks("/health").AllowAnonymous();
});
您可以在使用 AuthenticationMiddleware 之前调用 HealthCheckMiddleware:
app.Map("/health",appbuilder =>{
appbuilder.UseMiddleware<HealthCheckMiddleware>();
});
// or
// app.UseHealthChecks("/health");
app.UseRouting();
// make sure the authentication middleware runs after the health check middleware
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
| 归档时间: |
|
| 查看次数: |
5385 次 |
| 最近记录: |