ASP.NET MVC 3个区域，并在web.config中多种认证 [英] ASP.NET MVC 3 Areas and multiple authentication in web.config

问题描述

我一直在试图遵循这个博客让工作区：

I have been attempting to follow this blog to get Areas working:

<一个href=\"http://mstechkb.blogspot.com/2010/10/areas-in-aspnet-mvc-20.html\">http://mstechkb.blogspot.com/2010/10/areas-in-aspnet-mvc-20.html

在博客文章，它确定有认证单位面积设置，例如能力：

In the blog post, it identifies the ability to have authentication set per Area, e.g.:

<location path="Area1">
  <system.web>
  <authentication mode="Windows" />
  <authorization> 
    <allow roles="role1,role2"/>
    <deny users="*"/> 
  </authorization> 
</system.web>
</location>

然而，当我尝试在Visual Studio中新的项目来创建这个2010我碰到下面的错误，当我运行：

However, when I try to create this in a new project in Visual Studio 2010 I get the following error when I run:

这是使用注册为allowDefinition =应用程序级别之外'MachineToApplication'的节是错误的。这个错误可以通过未被配置为在IIS中应用程序的虚拟目录引起的。

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

这是我所看到的，这是因为，除非它是在顶级web.config中你不能指定认证元素。

From what I can see this is because you cannot specify an authentication element unless it is in the top level web.config.

所以这是可以做到的博客文章说什么？你可以有位置元素中验证元素在web.config地方？

So it is possible to do what the blog post says? Can you have Areas with Authentication elements inside Location elements in the web.config?

推荐答案

我已经了解了ASP.NET MVC，它总是最好设置与授权规则[授权]应用于单个控制器的属性，因为它是更安全，更充分的考虑方式路由系统的作品。

What I have learnt about ASP.NET MVC, it's always better to set the authorization rules with [Authorization] attribute applied to individual controllers, because it is safer and more adequate considering the way routing system works.

这篇关于ASP.NET MVC 3个区域，并在web.config中多种认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！