有谁知道相当于:
[ClaimsAuthorization(ClaimType="", ClaimValue="")]
Identity 2.1的示例:
[HttpGet]
[ClaimsAuthorization(ClaimType="ManageStore", ClaimValue="Allowed")]
public IActionResult Register()
{
return View();
}
答案 0 :(得分:3)
@ tailmax的方法适用于ASP.NET 5 beta4,但不适用于beta5,beta6和下一版本,因为AuthorizeAttribute已完全修改,不再公开OnAuthorization (它现在只是一个标记)。
建议的方法是使用新的授权服务来配置新策略,只需使用AuthorizeAttribute:
public void ConfigureServices([NotNull] IServiceCollection services) {
services.ConfigureAuthorization(options => {
options.AddPolicy("ManageStore", policy => {
policy.RequireAuthenticatedUser();
policy.RequireClaim("ManageStore", "Allowed");
});
});
}
public class StoreController : Controller {
[Authorize(Policy = "ManageStore"), HttpGet]
public async Task<IActionResult> Manage() { ... }
}