具有现有成员数据库的ASP.NET MVC5 [英] ASP.NET MVC5 with existing Membership database

问题描述

我必须坚持使用现有的ASP.NET成员资格数据库.我正在使用新的MVC网站项目模板在VS2013(更新4)中开发新的MVC5网站.我修改了web.config以确保指定了旧的身份验证成员类型.我还修改了生成的[HttpPost] Login操作以确保我登录到我的Membership数据库-它可以正确登录我并根据需要生成身份验证cookie.

I have an existing ASP.NET Membership database which I have to stick to. I'm developing a new MVC5 website in VS2013 (update 4) using a new MVC website project template. I have modified web.config to ensure the old Membership type of authentication is specified. I have also modified generated [HttpPost]Login action to ensure I login against my Membership database - it logs me in correctly and generates an authentication cookie as required.

但是，由于我未通过身份验证，网站仍将我重定向到登录"页面. Request.IsAuthenticated确实表明我未通过身份验证.我想念什么?我有什么选择? web.config更改(仅更改):

However the website still redirects me to the Login page as I'm not authenticated. The Request.IsAuthenticated does show that I'm not authenticated. What am I missing? What are my options? web.config changes (only changes):

<connectionStrings>
  <add name="MyCS" connectionString="Data Source=sql1;Initial Catalog=MyDB;Persist Security Info=True;User ID=mysa;Password=mypw" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
  <authentication mode="Forms">
    <forms timeout="20" name="seAdmin" loginUrl="~/Account/Login" />
  </authentication>
  <roleManager enabled="true" defaultProvider="CustomizedRoleProvider">
    <providers>
      <clear />
      <add name="CustomizedRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="MyCS" applicationName="/seAdmin" />
    </providers>
  </roleManager>
  <membership defaultProvider="CustomizedMembershipProvider">
    <providers>
      <clear />
      <add name="CustomizedMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="MyCS" applicationName="/seAdmin" />
    </providers>
  </membership>
  <machineKey validationKey="63A7C07B191BA3EF02DD4866C420DCAB81C9FFCCC617DE40ED6E2B89A2FC2BA3FA32C39D183FE0708E9279C14E58318D0C5E171C0AF802F154430679D1778485" decryptionKey="F5B9049DECB8C9A23B1D131E63D2ED5C15FF0AEB3C3E96FC" validation="SHA1" />
</system.web> 

登录操作:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    if (Membership.ValidateUser(model.Email, model.Password))
    {
        FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);
        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1)
        {
            return Redirect(returnUrl);
        }
        else
        {
            return RedirectToAction("Index", "Home");
        }
    }
    else
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
    }
    return View(model);
}

FilterConfig添加一个全局授权属性

FilterConfig adds a global authorisation attribute

public class FilterConfig
    {
        public static void RegisterGlobalFilters(GlobalFilterCollection filters)
        {
            filters.Add(new HandleErrorAttribute());

            filters.Add(new AuthorizeAttribute() { Roles = "CWA" });
        }
    }

推荐答案

关于它为什么不起作用，我有一些理论，首先在web.config中有一个<system.webServer>标记，必须有一行用于删除FormsAuthentication，尝试将其注释掉，或再次添加一个，就像这样:

I have some theories as to why it doesn't work, firstly in web.config there is a <system.webServer> tag, there must be a line for removing FormsAuthentication, try commenting it out, or add one again, like so:

<system.webServer>
<modules>
  <remove name="FormsAuthentication" />
  <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
</modules>

其次，尝试User.Identity.IsAuthenticated来查看它也是错误的，并且您在应用程序中也扮演任何角色吗?

secondly try User.Identity.IsAuthenticated to see it is false too, also are you have any role in your app?

这篇关于具有现有成员数据库的ASP.NET MVC5的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！