Azure WorkerRole或自托管应用程序中的Hangfire仪表板授权 [英] Hangfire dashboard authorization in Azure WorkerRole OR Self Hosted application

问题描述

最近我介绍了Hangfire，我必须说它很棒.

It is very recent that I have introduced to Hangfire, and I must say it is awesome.

我正在开发一个应用程序，其中我以Azure工作者角色托管hangfire. 一切正常； 除了配置对hangfire仪表板的授权.

I am working on an application, wherein I am hosting hangfire in Azure worker role. Everything works perfect; the hangfire configuration, job scheduling, dashboard etc. except configuring authorization to hangfire dashboard.

我在配置hangfire仪表板的地方添加了OwinStartup类.我使用了IAuthorizationFilter和OwinMiddleware的自定义实现，预计现在应该在访问hangfire仪表板时提示用户提供凭据.但是没有帮助，在尝试访问仪表板时，它一直给我403响应. :(

I have added an OwinStartup class where I have configuring hangfire dashboard. I have used my custom implementation of IAuthorizationFilter and an OwinMiddleware, anticipating that user should now be prompted to provide credentials while accessing hangfire dashboard. But for no help, and it keep giving me 403 response when trying to access the dashboard. :(

如果我在配置仪表板时不使用授权过滤器选项，那么它可以正常工作，但是每个人都可以访问它.

It works perfectly alright if I don't use authorization filter option while configuring dashboard, but then everyone could access it.

这是我的启动课程-

    public void Configuration(IAppBuilder app)
    {
        app.UseWelcomePage("/");

        app.Use(typeof(AuthenticationMiddleware));

        app.UseHangfireDashboard("/hangfire", new DashboardOptions
        {
            AuthorizationFilters = new[] { new MyAuthorization() }
        });
    }

我已经按照建议 ...和我的自定义IAuthorizationFilter

...and my custom IAuthorizationFilter

public class MyAuthorization : IAuthorizationFilter
{
     public bool Authorize(IDictionary<string, object> owinEnvironment)
     {
         var context = new OwinContext(owinEnvironment);

         // Allow all authenticated users to see the Dashboard 
         return context.Authentication.User.Identity.IsAuthenticated;
     }
}

这是我在工作角色的OnStart方法中配置仪表板的方式. (参考)

This is how I am configuring dashboard in OnStart method of my worker role. (ref)

var endpoint = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["WorkerRoleEndpoint"];
string baseUri = String.Format("{0}://{1}", endpoint.Protocol, endpoint.IPEndpoint);//http://127.0.0.1:81/hangfire

owinApp = WebApp.Start<HangfireDashboardStartup>(new StartOptions(url: baseUri));

我猜自托管应用中的hangfire仪表板解决方案应该也能正常工作

推荐答案

以下nuget软件包可用于基本身份验证-

The following nuget package come to rescue for basic authentication -

Thinktecture.IdentityModel.Owin.BasicAuthentication

该软件包在这里可用- https://www.nuget.org/packages/Thinktecture.IdentityModel.Owin. BasicAuthentication/)

The package is available here - https://www.nuget.org/packages/Thinktecture.IdentityModel.Owin.BasicAuthentication/)

获取此程序包，然后在您的 owin startup 类中直接调用以下内容，而不是您自定义的Middlewawre-

Get this package and simply call the following in your owin startup class, instead of your custom middlewawre -

app.UseBasicAuthentication("SomeName", ValidateUser);

...其中ValidateUser是用于验证用户的功能.

...where ValidateUser is the function to validate the user.

    private Task<IEnumerable<Claim>> ValidateUser(string id, string secret)
    {
        if (id == secret) //Dummy validation, modify it accordingly
        {
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, id),
                new Claim(ClaimTypes.Role, "Foo")
            };
            return Task.FromResult<IEnumerable<Claim>>(claims);
        }
        return Task.FromResult<IEnumerable<Claim>>(null);
    }

您完成了！现在，当您访问hangfire仪表板时，将提示您输入凭据.

And your are done! Now when you will access hangfire dashboard, you will be prompted for credentials.

这篇关于Azure WorkerRole或自托管应用程序中的Hangfire仪表板授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！