aspnet 5(MVC6)Windows身份验证+角色+授权属性 [英] aspnet 5 (MVC6) Windows Auth + roles + Authorize attribute
问题描述
我有一个在aspnet 5 MVC 6上使用Windows Auth的应用程序(使用IIS + IISPlatformHandler的Obv)
I have an app that uses Windows Auth on aspnet 5 MVC 6 (obv using IIS + IISPlatformHandler)
如何限制AD组对控制器的访问?
How can I restrict access to a controller by AD group?
我已经尝试执行以下操作,但是它不起作用:(当我查看用户声明时,我看到许多组和声明看起来像SID的{S-1-5-4}
I have tried doing something like the following, but it won't work :( When I look at my user claims I see many groups and claims that look like SID's ex. {S-1-5-4}
[Authorize(Roles = "DOMAIN\\GROUP")
public class myController : Controller{...}
推荐答案
截至2016年7月,我发现以下内容现在可用于.NET Core RTM(WebAPI):
As of July 2016, I find the following now works with .NET Core RTM (WebAPI):
[Authorize(Roles = @"DOMAIN\Group")]
如果您还想测试,这里是project.json依赖项:
Here are the project.json dependencies in case you would also like to test:
{
"title": "My App",
"copyright": "2016",
"description": "WebAPI",
"dependencies": {
"Microsoft.AspNetCore.Mvc": "1.0.0",
"Microsoft.AspNetCore.Server.IISIntegration": "1.0.0",
"Microsoft.AspNetCore.Server.Kestrel": "1.0.0",
"Microsoft.Extensions.Configuration.EnvironmentVariables": "1.0.0",
"Microsoft.Extensions.Configuration.FileExtensions": "1.0.0",
"Microsoft.Extensions.Configuration.Json": "1.0.0",
"Microsoft.Extensions.Logging": "1.0.0",
"Microsoft.Extensions.Logging.Console": "1.0.0",
"Microsoft.Extensions.Logging.Debug": "1.0.0",
"Microsoft.Extensions.Options.ConfigurationExtensions": "1.0.0",
"Microsoft.NETCore.App": {
"version": "1.0.0",
"type": "platform"
},
"Newtonsoft.Json": "9.0.1",
"NLog.Extensions.Logging": "1.0.0-rtm-alpha2"
},
这篇关于aspnet 5(MVC6)Windows身份验证+角色+授权属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!