图像调整User.Identity在事件处理程序 [英] Image Resizer User.Identity in eventhandler
问题描述
增加了一个AuthorizeImage事件处理程序,以图像访问限制。注意到,当我试图检查用户名和authenticationstatus以下内容:
Added an AuthorizeImage eventhandler to image access restriction. Noticed the following when i was trying to check the users name and authenticationstatus:
下面将不会导致异常,但似乎打破它。没有找到图片的默认图标显示,无论认证与否。
经测试this.User =相同的结果。 HttpContext.Current.User =相同的结果。
Below will not result in exception, but seem to break it. Default icon for image not found is displayed no matter authenticated or not. Tested this.User = same result. HttpContext.Current.User = same result
Config.Current.Pipeline.AuthorizeImage += delegate(IHttpModule sender, HttpContext context, IUrlAuthorizationEventArgs e)
{
if (context.User.Identity.IsAuthenticated) { context.Response.Redirect("http://db2.stb00.s-msn.com/i/AF/263B63C5E656379CEE93E7A8692EC7.gif"); }
};
下面的工作就好了(this.User和HttpCOntext.Current.User以及)
The below work just fine(this.User and HttpCOntext.Current.User as well)
Config.Current.Pipeline.AuthorizeImage += delegate(IHttpModule sender, HttpContext context, IUrlAuthorizationEventArgs e)
{
context.Response.Redirect("http://db2.stb00.s-msn.com/i/AF/263B63C5E656379CEE93E7A8692EC7.gif");
};
这总是重定向
Config.Current.Pipeline.AuthorizeImage += delegate(IHttpModule sender, HttpContext context, IUrlAuthorizationEventArgs e)
{
if (context.User == null)
context.Response.Redirect("http://db2.stb00.s-msn.com/i/AF/263B63C5E656379CEE93E7A8692EC7.gif");
};
我在开始测试的Application_Start但实际上试图Application_PostAuthenticateRequest为好。尽管结果,其中相同的。通过自定义code,但使用标准formsatuhentication设置cookie进出口认证。 [授权]在应用程序工作正常。任何建议什么可以去错在这里?
I started testing in Application_Start but actually tried Application_PostAuthenticateRequest as well. Though the result where the same. Im authenticating via custom code but using standard formsatuhentication to set the cookie. [Authorize] works fine in the application. Any suggestion to what could have gone wrong here?
推荐答案
您的服务器被配置为只运行了一定的要求扩展,如的.aspx,.ashx的,等FormsAuthenticationModule有两种方法来解决这个问题。
Your server is configured to only run the FormsAuthenticationModule for certain request extensions, such as .aspx, .ashx, etc. There are two ways to solve this.
- 删除并重新添加FormsAuthenticationModule
< system.webServer>
(综合模式),丢弃precondition =managedHandler属性:
<模块> - 启用RAMMFAR(runAllManagedModulesForAllRequests)
- Remove and re-add the FormsAuthenticationModule in
<system.webServer> <modules>
(For Integrated Mode), dropping the precondition="managedHandler" attribute: - Enable RAMMFAR (runAllManagedModulesForAllRequests)
此文章包含有关实现#1和#2的详细信息:
This post contains more details about implementing #1 and #2:
<一个href=\"http://stackoverflow.com/questions/2903292/how-do-i-protect-static-files-with-asp-net-form-auhentication-on-iis-7-5\">How我在IIS 7.5与保护ASP.NET表单auhentication静态文件?
这篇关于图像调整User.Identity在事件处理程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!