ASP.Net MVC授权行动过滤器 [英] ASP.Net MVC Authorisation action filter
问题描述
我试图理解错误处理在MVC preVIEW 4使用授权[授权]操作过滤器时,是如何工作的。
I'm trying to understand how error handling works when using the Authorize [Authorize] Action Filter in MVC Preview 4.
我有一个看起来像这样的动作:
I have an action that looks like this:
[Authorize(Roles = "DOMAIN\\NOTAUTHORISED_ROLE" )]
[HandleError]
public ActionResult NeedAuthorisation()
{
throw new NotImplementedException();
}
在我访问的网址:的http://本地主机:2197 / testAuthorisation / NeedAuthorisation
,我得到了我的浏览器中的空白页。在Firebug我可以看到有人要求和 401的响应状态 - 未经授权
已返回。但我不会被重定向或有customError返回。使用我授权的角色时一切正常。
When I visit the url: http://localhost:2197/testAuthorisation/NeedAuthorisation
, I get a blank page in my browser. In Firebug I can see that a request was made and a response-status of 401 - Unauthorised
has been returned. But I'm not being redirected or having a customError returned. Everything works as expected when using a role that I'm authorized for.
这是使用Windows身份验证。我在写一些code尝试Forms身份验证,看看我得到了同样的问题的中间。
我有<的customErrors模式=ON/方式>
设置并创建了错误页面,无论是在testAuthorisation文件夹和共享文件夹
This is using Windows authentication. I'm in the middle of writing some code to try out Forms authentication to see if I get the same issue.
I have <customerrors mode="On"/>
set and have created error pages, both in the testAuthorisation folder and the Shared folder.
推荐答案
我最终发现的这解决了我的问题,这MVC教程:
当您尝试调用一个控制器动作究竟发生了什么
而不正确的权限取决于类型
认证功能。默认情况下,使用ASP.NET开发时
服务器,你只要得到一个空白页。该页面送达401不
授权HTTP响应状态。
Exactly what happens when you attempt to invoke a controller action without being the right permissions depends on the type of authentication enabled. By default, when using the ASP.NET Development Server, you simply get a blank page. The page is served with a 401 Not Authorized HTTP Response Status.
这篇关于ASP.Net MVC授权行动过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!