自定义AuthorizeAttribute未调用 [英] Custom AuthorizeAttribute not called
问题描述
那里有很多类似的问题,但这让我很困惑.
There are a lot of similar questions out there but this has me stumped.
如果我使用[授权],则提示输入用户名和密码,但是如果我使用[InternalAuthorizeV2],则不会
If I used [Authorize] I get prompted for a username and password but if I use [InternalAuthorizeV2] I don't
我有一个自定义的AuthorizeAttribute,目前它并没有做任何特别的事情(我在限制可能出错的事情).
I have a custom AuthorizeAttribute that for the moment does not do any anything special (I'm limiting things that could be wrong).
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class InternalAuthorizeV2Attribute: AuthorizeAttribute
{}
和控制器中的操作
[InternalAuthorizeV2(Roles = "MobileApps_Parkingggg")]
public ActionResult Index()
{
var model = new VmParking();
return View(model);
}
登录是在不同的应用程序中处理的,但是它们具有相同的Web配置行
The login is handled in a different app but they have identical web config lines
<machineKey compatibilityMode="Framework20SP2" validationKey="editedOut" decryptionKey="editedOut" validation="SHA1" decryption="AES"/>
<authentication mode="Forms">
<forms name="emLogin" loginUrl="/Login/Index" timeout="540" protection="All" path="/" enableCrossAppRedirects="true" cookieless="UseCookies" />
</authentication>
<sessionState timeout="540" />
我知道,如果我登录到具有[授权]的页面,然后返回到故障页面,我可以看到用户名,但它似乎没有调用我的客户属性.
I know that if I login by going to a page with [Authorize] then back to my trouble page I can see the username but it doesn't seem to be calling my customer attribute.
新信息: 我的属性位于许多应用程序使用的共享DLL中.看来,如果我将CS文件复制到Web项目中,则可以正常工作.不知道为什么,仍在寻找提示或技巧.
New information: My attribute is in a shared DLL as it's used by many apps. It seems that if I copy the cs file to the web project it works. No idea why, still looking for hints or tips.
推荐答案
从您所说的来看,如果您使用[Authorize]而不使用[InternalAuthorizeV2],则一切正常.
From what you've said, it all behaves fine if you use [Authorize] but not [InternalAuthorizeV2].
如果共享dll设置正确,则不会有任何区别.我有同样的事情在工作.确保Web项目使用的是dll的最新版本,并且共享的dll-System.Web.Mvc, v4.0.0.0在我的项目中具有正确的程序集引用.
Your shared dll shouldn't make any difference if it is set up correctly; I have the same thing working. Make sure the web project is using the latest version of the dll and you have the right assembly references in the shared dll - System.Web.Mvc, v4.0.0.0 in my project.
您说它被许多应用程序使用了吗?所有应用程序是否都与共享dll或仅其中之一具有相同的问题?如果只是其中之一,请检查有问题的参考.
You say its used by many apps? Do all apps have the same problem with the shared dll or just one of them? If it's just one, check the references for the one with the problem.
如果以下内容测试了所有工作,那么最后的选择是,您在dll中的authorize属性中所做的任何操作都没有为该应用选择正确的上下文,或者使用了正确的成员资格提供程序或数据库-您还没有没有在属性中包含您正在使用的代码,因此很难知道这是否会导致问题.
If the below tests all work then the final option is that whatever you are doing in your authorize attribute in the dll isn't picking up the right context for that app, or using the right membership provider or database - you haven't included the code you are using inside your attribute so it's hard to know if that could be causing a problem.
您可以尝试将基本授权属性添加到共享的dll,然后在Web项目中实现另一个授权属性,该属性继承刚创建的基本属性.这应该表明您正确设置了共享dll.
You could try adding a base authorize attribute to your shared dll, and then implementing another authorize attribute in your web project that inherits the base attribute you just created. This should show that you have your shared dll set up correctly.
// in the dll:
public class BaseAuthorizeAttribute : System.Web.Mvc.AuthorizeAttribute { ... }
// in the web project:
public class InternalAuthorizeV2Attribute : BaseAuthorizeAttribute { ... }
如果只是将其从您的dll项目中移动到Web项目中即可对其进行修复,则最可能的问题是该Web项目未使用正确版本的dll(尝试清理并进行完整的重建),或者您的dll引用了System.Web.Mvc.AuthorizeAttribute的dll错误.您说您已经进行了三重检查,但是如果确实如此,尝试上面的调试应该可以帮助您解决问题.
If simply moving it from your dll project to the web project fixes it, the most likely issue is the web project is not using the right version of the dll (try cleaning and doing a complete rebuild) or your dll is referencing the wrong dlls for the System.Web.Mvc.AuthorizeAttribute. You say you have triple checked, but trying the above debugging should help you work out if this really is the case.
如果这不起作用,则尝试将以下重写方法添加到一个非常简单的属性中,并查看是否在调用base.OnAuthorization时遇到了断点.如果不这样做,那么可能不是导致问题的实际属性.
If that doesn't work then try adding the following override methods to a very simple attribute, and seeing if you hit the breakpoint on the call to base.OnAuthorization. If you don't, then it may not be the actual attributes causing your problem.
[AttributeUsageAttribute(AttributeTargets.Class|AttributeTargets.Method,
Inherited = true, AllowMultiple = true)]
public class InternalAuthorizeV2Attribute : System.Web.Mvc.AuthorizeAttribute {
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) {
return false; // breakpoint here, and this should force an authorization failure
}
public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext); // breakpoint here
}
}
这应该完全阻止任何用户访问该操作.如果那不起作用,那么您知道问题不在于您的属性,而是您的属性未得到应用.
This should completely prevent any user access to the Action. If that doesn't work then you know the issue doesn't lie in your attribute, but that your attribute is not being applied.
您还可以将以下内容添加到控制器中,并检查是否在authorize属性之前被命中:
You can also add the following to your controller and check that it is hit before the authorize attribute:
protected override void OnAuthorization(AuthorizationContext filterContext) {
base.OnAuthorization(filterContext);
}
授权链
请注意,您已将属性附加到Action方法,因此,只有在链中较早的授权属性(例如,全局过滤器或控制器属性)尚未阻止用户被授权时,该属性才会被选中(请参见在这里我的答案),或过早返回一个ActionResult,它会阻止链到达您的Action属性.但是,如果仅将其从dll移到项目中就可以使它正常工作,那么这不太可能是问题所在.同样,您所说的AllowAnonymous不太可能出现在错误的位置.
Authorization chaining
Note that you have your attribute attached to the Action method, so it will only be hit if a an authorization attribute earlier in the chain (e.g. a global filter or controller attribute) hasn't already prevented the user being authorized (see my answer here), or prematurely returns an ActionResult that stops the chain reaching your Action attribute. However it's unlikely this is the problem if simply moving it from the dll to the project makes it work. Similarly it's unlikely you have an AllowAnonymous in the wrong place from what you've said.
这篇关于自定义AuthorizeAttribute未调用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
