我正在使用URLRouting开发一个asp.net多租户webforms应用程序。
使用formsAuthentication,一切都很完美。
当我切换到OWIN Cookie身份验证并请求安全页面时,我会收到以下错误,但它应该重定向到登录页面。
[HttpException(0x80004005):访问提供此请求所需的资源时发生错误。您可能没有权限查看请求的资源。]
System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context)+9727854 System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender,EventArgs e)+82 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()+136 System.Web.HttpApplication.ExecuteStep(IExecutionStep step,Boolean& completedSynchronously)+69
路线定义:
//Default Organisation Route
routes.MapPageRoute("",
"de/{organisation}",
"~/public/default.aspx",
true,
null,
new RouteValueDictionary { { "organisation", organisationConstraint } });
routes.MapPageRoute("",
"de/{organisation}/profile",
"~/secure/profile.aspx",
true,
null,
new RouteValueDictionary { { "organisation", organisationConstraint } });
的web.config:
<system.web>
<compilation debug="true" targetFramework="4.5.0" />
<httpRuntime targetFramework="4.5.0" />
<authorization>
<deny users="?"/>
</authorization>
<authentication mode="None"></authentication>
<sessionState mode="Off"></sessionState>
</system.web>
<location path="de">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="public">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
启动类:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
CookieSecure = CookieSecureOption.SameAsRequest,
LoginPath = new PathString("/public/login.aspx")
});
我必须实现facebook身份验证,但我无法使用默认的CookieAuthentication来处理它。
如何将OWIN用于我的网址结构?
答案 0 :(得分:1)
我在这里找到了我的解决方案:https://msdn.microsoft.com/en-us/magazine/dd347546.aspx
如果使用MapPageRoute,可能是PageRouteHandler中存在错误,因为嵌套的URL结构:
de / {organization} - &gt;是允许的
de / {organization} / profile - &gt;不允许
如果您编写自己的RouteHandler并使用UrlAuthorizationModule.CheckUrlAccessForPrincipal,则所有工作都按预期工作。
routes.Add("", new Route("de/{organisation}/profile",
null,
new RouteValueDictionary { { "organisation", organisationConstraint } },
new WebFormRouteHandler("~/secure/profile.aspx", true)));
public class WebFormRouteHandler : IRouteHandler
{
public WebFormRouteHandler(string virtualPath)
: this(virtualPath, true)
{
}
public WebFormRouteHandler(string virtualPath, bool checkPhysicalUrlAccess)
{
this.VirtualPath = virtualPath;
this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess;
}
public string VirtualPath { get; private set; }
public bool CheckPhysicalUrlAccess { get; set; }
public IHttpHandler GetHttpHandler(RequestContext requestContext)
{
if (this.CheckPhysicalUrlAccess && !UrlAuthorizationModule.CheckUrlAccessForPrincipal(this.VirtualPath, requestContext.HttpContext.User, requestContext.HttpContext.Request.HttpMethod))
{
requestContext.HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Unauthorized;
requestContext.HttpContext.Response.End();
}
var display = BuildManager.CreateInstanceFromVirtualPath(this.VirtualPath, typeof(Page)) as IHttpHandler;
return display;
}
}