[Authorize(Roles = "Admin")]在Mvc 5的SSO FormsAuthentication下不起作用

时间:2017-04-08 09:07:09

标签: c# asp.net asp.net-mvc

在表单身份验证中,[Authorize(Roles = "Admin")]无效。

这是web.config:

<!-- NOTE(review): RoleManagerModule also handles PostAuthenticateRequest and installs a RolePrincipal
     backed by the configured RoleProvider. If its handler runs after the Global.asax one, the
     CustomPrincipal built there is replaced and its IsInRole is never consulted; confirm by checking the
     runtime type of HttpContext.User inside the action. Disabling roleManager is the commonly
     recommended setting when the principal is built by hand - verify against the pipeline order. -->
<roleManager enabled="true" />
     <!-- domain=".xyz.com" lets xyz.com and a.xyz.com read the same ticket cookie (the SSO in the
          question). requireSSL is not set here (default false), so the shared cookie is also sent
          over plain HTTP - worth setting once both hosts are on HTTPS. -->
     <authentication mode="Forms">          
          <forms  defaultUrl="~/Account/Login" loginUrl="~/Account/Login" domain=".xyz.com"  path="/"/>
        </authentication>
        <!-- NOTE(review): FormsAuthentication.Decrypt in Global.asax relies on this key pair, so both hosts
             must carry identical values for a cookie issued by the other host to decrypt. These exact values
             are now public (posted with the question) and must be regenerated for both sites.
             validation="SHA1" is the legacy setting; HMACSHA256 is the current recommendation. -->
        <machineKey validationKey="395BB0DAFA02BA520EDB43E7EDF06BBFD72FC13A5209243270539E01074B0EA4" decryptionKey="037D2C9D97979D8D810F4A6A2B9337BD181F32167735F2E0" validation="SHA1"/>

以下是Global.asax中的Application_PostAuthenticateRequest

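    /// <summary>
    /// Rebuilds the request principal from the forms-authentication cookie so that
    /// <c>[Authorize(Roles = ...)]</c> sees a <see cref="CustomPrincipal"/> whose
    /// <c>IsInRole</c> is driven by the <c>UserType</c> carried in the ticket's UserData.
    /// </summary>
    /// <param name="sender">The application raising the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    /// <remarks>
    /// Runs on every request. When no forms cookie is present the principal already set by the
    /// forms-authentication module is left untouched. A ticket that cannot be decrypted, is
    /// expired, or carries unreadable UserData yields an unauthenticated principal (fail closed)
    /// instead of a null <c>HttpContext.User</c>, which AuthorizeAttribute would dereference,
    /// and the failure is traced so a machineKey mismatch between the SSO hosts is visible.
    /// </remarks>
    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null)
        {
            return;
        }

        try
        {
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // FormsAuthentication.Decrypt does not reject an expired ticket by itself; the
            // forms-authentication module does that check, so mirror it before trusting UserData.
            if (authTicket == null || authTicket.Expired)
            {
                SetUnauthenticatedUser();
                return;
            }

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            CustomPrincipalSerializeModel serializeModel =
                serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
            if (serializeModel == null)
            {
                SetUnauthenticatedUser();
                return;
            }

            HttpContext.Current.User = BuildPrincipal(authTicket.Name, serializeModel);
        }
        catch (Exception ex)
        {
            // Decrypt/Deserialize failures are the expected symptom of a cookie issued by a host
            // with a different machineKey; record them instead of silently dropping the user.
            System.Diagnostics.Trace.TraceWarning(
                "Forms ticket rejected in Application_PostAuthenticateRequest: {0}", ex);
            SetUnauthenticatedUser();
        }
    }

    /// <summary>Copies every UserData field of the ticket onto a fresh <see cref="CustomPrincipal"/>.</summary>
    /// <param name="name">Ticket name; becomes the principal's identity name.</param>
    /// <param name="model">Deserialized UserData payload.</param>
    /// <returns>The populated principal.</returns>
    private static CustomPrincipal BuildPrincipal(string name, CustomPrincipalSerializeModel model)
    {
        return new CustomPrincipal(name)
        {
            UserID = model.UserID,
            FirstName = model.FirstName,
            LastName = model.LastName,
            ProfilePicture = model.ProfilePicture,
            UserCode = model.UserCode,
            UserEmail = model.UserEmail,
            UserType = model.UserType,
            Fk_Parent = model.Fk_Parent,
            CompanyID = model.CompanyID,
            isSASS = model.isSASS,
            Commission = model.Commission,
            CommissionManager = model.CommissionManager,
            ISACount = model.ISACount
        };
    }

    /// <summary>
    /// Replaces the current user with an anonymous principal (empty identity name, no roles) so a
    /// rejected ticket never leaves <c>HttpContext.User</c> null or authenticated.
    /// </summary>
    private static void SetUnauthenticatedUser()
    {
        HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(string.Empty), new string[0]);
    }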

    /// <summary>
    /// Principal contract used by this application: the standard <see cref="IPrincipal"/>
    /// members plus the per-user fields copied from the forms ticket's UserData.
    /// </summary>
    interface ICustomPrincipal : IPrincipal
    {
        int UserID { get; set; }
        string FirstName { get; set; }
        string LastName { get; set; }
        string ProfilePicture { get; set; }
        Guid UserCode { get; set; }
        string UserEmail { get; set; }
        // Integer value of the UserType enum; CustomPrincipal.IsInRole maps it to a role name.
        int UserType { get; set; }
        int Fk_Parent { get; set; }
        string CompanyID { get; set; }
        bool? isSASS { get; set; }
        double? Commission { get; set; }
        double? CommissionManager { get; set; }
        int? ISACount { get; set; }
    }

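    /// <summary>
    /// Request principal rebuilt from the forms-authentication ticket's UserData.
    /// Roles are not stored as a list: <see cref="IsInRole"/> treats the name of the
    /// <c>UserType</c> enum member whose value equals <see cref="UserType"/> as the user's single role.
    /// </summary>
    public class CustomPrincipal : ICustomPrincipal
    {
        /// <summary>Identity carrying the name given to the constructor (the ticket name).</summary>
        public IIdentity Identity { get; private set; }

        /// <summary>
        /// Creates a principal whose identity is a <see cref="GenericIdentity"/> for <paramref name="email"/>.
        /// </summary>
        /// <param name="email">Ticket name; used verbatim as the identity name.</param>
        /// <exception cref="ArgumentNullException"><paramref name="email"/> is null (raised by GenericIdentity).</exception>
        public CustomPrincipal(string email)
        {
            this.Identity = new GenericIdentity(email);
        }

        /// <summary>
        /// Returns true only when <paramref name="role"/> is exactly (ordinal, case-sensitive) the
        /// name of the <c>UserType</c> enum member whose value equals <see cref="UserType"/>.
        /// </summary>
        /// <param name="role">Role name as written in <c>[Authorize(Roles = "...")]</c>.</param>
        /// <returns>
        /// False when <paramref name="role"/> is null or empty, or when <see cref="UserType"/> does not
        /// map to any enum member. (The previous <c>==</c> comparison answered true for a null role
        /// in that second case because both sides were null.)
        /// </returns>
        public bool IsInRole(string role)
        {
            if (string.IsNullOrEmpty(role))
            {
                return false;
            }

            // Enum.GetName yields null for a value with no named member; never treat that as a match.
            string userRole = Enum.GetName(typeof(UserType), UserType);
            return userRole != null && string.Equals(userRole, role, StringComparison.Ordinal);
        }

        // The fields below mirror CustomPrincipalSerializeModel one-to-one; Global.asax copies them
        // from the deserialized ticket UserData.
        public int UserID { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string ProfilePicture { get; set; }
        public Guid UserCode { get; set; }
        public string UserEmail { get; set; }
        /// <summary>Integer value of the <c>UserType</c> enum; the only input to <see cref="IsInRole"/>.</summary>
        public int UserType { get; set; }
        public int Fk_Parent { get; set; }
        public string CompanyID { get; set; }
        public Nullable<bool> isSASS { get; set; }
        public double? Commission { get; set; }
        public double? CommissionManager { get; set; }
        public Nullable<int> ISACount { get; set; }
    }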

    /// <summary>
    /// Plain DTO serialized with <c>JavaScriptSerializer</c> into the forms ticket's UserData and
    /// read back in Global.asax; its properties mirror those of <c>CustomPrincipal</c>.
    /// </summary>
    public class CustomPrincipalSerializeModel
    {
        public int UserID { get; set; }

        public string FirstName { get; set; }

        public string LastName { get; set; }

        public string ProfilePicture { get; set; }

        public Guid UserCode { get; set; }

        public string UserEmail { get; set; }

        // Integer value of the UserType enum.
        public int UserType { get; set; }

        public int Fk_Parent { get; set; }

        public string CompanyID { get; set; }

        public bool? isSASS { get; set; }

        public double? Commission { get; set; }

        public double? CommissionManager { get; set; }

        public int? ISACount { get; set; }
    }

这是控制器:

 /// <summary>
 /// Entry action. When the principal is the <c>CustomPrincipal</c> built in
 /// Application_PostAuthenticateRequest, the attribute below admits the caller only if
 /// <c>CustomPrincipal.IsInRole</c> answers true for "Admin" or "SubAdmin", i.e. the caller's
 /// <c>UserType</c> value maps to an enum member with exactly that name.
 /// </summary>
 /// <returns>The action result (body elided in the question).</returns>
 [Authorize(Roles = "Admin,SubAdmin")]
        public ActionResult Index()
        {
        ////
        }

问题是当我在web.config中使用<authentication mode="Forms">时,授权角色无效。

我有两个不同的域名(假设一个是xyz.com,另一个是a.xyz.com(子域名))。

这里我把cookie值从一个域传递给另一个域,以便访问全部数据(SSO)。

以上代码位于xyz.com的Global.asax中,a.xyz.com上的代码相同。那么该如何解决这个问题?这两个站点都是Mvc 5 C#。
