Active Directory authentication in MVC5 does not persist

Time: 2015-02-18 19:59:23

Tags: asp.net-mvc authentication active-directory

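I am following Chris Schiffhauer's excellent tutorial on using Active Directory for MVC5 authentication, link here

Anyway, I followed his instructions, and after a successful validation it redirects to home/index. I know AD is working because if I use a wrong password, the redirect does not happen and an error appears on the login page, which is what should happen. The problem is... on the redirect to the home page, the auth is lost. I still have the option to log in, which is wrong. Other than including AD authentication, I am just using the VS2013 MVC site template. I can provide more code if necessary. Thoughts?

AccountController.cs (modified)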

if (Membership.ValidateUser(model.UserName, model.Password))
{
    log.Info("User " + model.UserName + " is authenticated.");
    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(FormsAuthentication.GetAuthCookie(model.UserName, model.RememberMe).Value); //ticket creation/decryption is successful

    GenericIdentity id = new GenericIdentity(ticket.Name, "LdapAuthentication"); // id is successful

    log.Info("ticket :" + ticket.Name);

    // This principal will flow throughout the request.
    GenericPrincipal principal = new GenericPrincipal(id, null); //making the principal works

    // Attach the new principal object to the current HttpContext object
    log.Info("principal :" + principal.Identity.Name);
    System.Web.HttpContext.Current.User = principal; // this doesn't seem to work.

    if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
    {
        return this.Redirect(returnUrl);
    }

    return this.RedirectToAction("Index", "Home");
}

Login.cshtml

...snipped for brevity...
@using (Html.BeginForm("Login", "Account", new {ReturnUrl = ViewBag.ReturnUrl}, FormMethod.Post, new {@class = "form-horizontal", role = "form"}))
{
    @Html.AntiForgeryToken()
    <h4>Use a local account to log in.</h4>
    <hr/>
    @Html.ValidationSummary(true, "", new {@class = "text-danger"})
    <div class="form-group">
        @Html.LabelFor(m => m.UserName, new {@class = "col-md-3 control-label"})
        <div class="col-md-9">
            @Html.TextBoxFor(m => m.UserName, new { @class = "form-control" })
            @Html.ValidationMessageFor(m => m.UserName, "", new { @class = "text-danger" })
        </div>
    </div>
    <div class="form-group">
        @Html.LabelFor(m => m.Password, new {@class = "col-md-3 control-label"})
        <div class="col-md-9">
            @Html.PasswordFor(m => m.Password, new {@class = "form-control"})
            @Html.ValidationMessageFor(m => m.Password, "", new {@class = "text-danger"})
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-offset-3 col-md-9">
            <div class="checkbox">
                @Html.CheckBoxFor(m => m.RememberMe)
                @Html.LabelFor(m => m.RememberMe)
            </div>
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-offset-2 col-md-10">
            <input type="submit" value="Log in" class="btn btn-primary"/>
        </div>
    </div>
}
...snipped for brevity...

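2 answers:

Answer 0 (score: 0)

The problem is that you never assign the user to the context. After navigating to another view, the user is lost.

See this tutorial to learn how to use forms authentication with Active Directory.

As you can see in the tutorial, this is the crucial part: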

// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if (null == authCookie)
{
    // There is no authentication cookie.
    return;
}

FormsAuthenticationTicket authTicket = null;
try
{
    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
}
catch (Exception ex)
{
    // Log exception details (omitted for simplicity)
    return;
}
if (null == authTicket)
{
    // Cookie failed to decrypt.
    return;
}

// Create an Identity object
GenericIdentity id = new GenericIdentity(authTicket.Name, "LdapAuthentication");

// This principal will flow throughout the request.
GenericPrincipal principal = new GenericPrincipal(id, null);

// Attach the new principal object to the current HttpContext object
Context.User = principal;

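Answer 1 (score: 0)

I ran into the same problem, and I am using MVC 5. I searched for the Application_AuthenticateRequest event handler in global.aspx, but it did not exist. I then added the event handler manually and the problem was solved!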
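
The per-request handler that both answers refer to, written out in full as an added example (not code from either answer or from the linked tutorial). It assumes the `MvcApplication` class that the VS2013 MVC template generates in Global.asax.cs, and it adds a `ticket.Expired` check that the snippet in Answer 0 does not have, because `FormsAuthentication.Decrypt` returns an expired ticket instead of rejecting it.

```csharp
using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

// Global.asax.cs. MvcApplication is the class name the VS2013 MVC template
// generates (assumption); add the method to your existing class and keep
// its Application_Start, which is omitted here.
public class MvcApplication : HttpApplication
{
    // ASP.NET wires this handler up by name and raises it on every request.
    // Setting HttpContext.Current.User inside the login action only affects
    // that one request; the redirect is a new request and starts anonymous
    // unless the principal is rebuilt from the cookie here.
    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            return; // No forms cookie: the request stays anonymous.
        }

        FormsAuthenticationTicket ticket;
        try
        {
            ticket = FormsAuthentication.Decrypt(authCookie.Value);
        }
        catch (Exception)
        {
            return; // Tampered or undecryptable cookie: stay anonymous.
        }

        // Decrypt does not reject an expired ticket, so check it here;
        // otherwise a stale cookie would still authenticate the request.
        if (ticket == null || ticket.Expired)
        {
            return;
        }

        // Same authentication type string as the code in the question.
        var identity = new GenericIdentity(ticket.Name, "LdapAuthentication");
        Context.User = new GenericPrincipal(identity, null); // no roles assigned
    }
}
```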