从RequiredRole和其他策略捕获异常，以使用Fluent Security进行重定向 [英] Catch exceptions from RequiredRole and other policies to redirect using Fluent Security

问题描述

使用Fluent Security，我使用DenyAnonymousAccess，DenyAuthenticationAccess和RequireRole配置了网站访问。

Using Fluent Security, I have configured website access using DenyAnonymousAccess, DenyAuthenticationAccess and RequireRole.

SecurityConfigurator.Configure(configuration =>
{
    configuration.ResolveServicesUsing(new FluentSecurityServiceLocator());
    configuration.GetAuthenticationStatusFrom(CurrentUser.IsAuthenticated);

    configuration.GetRolesFrom(CurrentUser.Roles);

    configuration.For<HomeController>().DenyAnonymousAccess();
    configuration.For<ReportsController>().RequireRole(UserRole.Administrator);
    configuration.For<AccountController>().DenyAuthenticatedAccess();

    configuration.For<AccountController>(x => x.ChangePassword()).DenyAnonymousAccess();
});

我已经处理了DenyAnonymousAccess的PolictyViolationException，并重定向到登录页面。

I've handled the PolictyViolationException for DenyAnonymousAccess and redirected to the logon page.

public ActionResult Handle(PolicyViolationException exception)
{
    return new RedirectToRouteResult(
       new RouteValueDictionary(new { action = "Login", controller = "Account" })
       );
}

但我不确定是否捕获RequireRole的异常是相同的过程？如果RequireRole被违反，我需要重定向。

But I'm not sure if catching an exception from RequireRole is the same process? I need to redirect if RequireRole is violated.

此外，当用户未登录并单击附加到角色的链接时，我会收到未处理的版本的denyanonymousaccess异常。我在配置和实现中做错了什么？

Also, when user isn't logged on and clicks a link attached to a role, I get the unhandled version of denyanonymousaccess exception. What am I doing wrong in my configuration and implementation??

推荐答案

你必须正确定义违规处理程序类的名称。这取决于需要处理的违规行为。
如果您正在处理DenyAnonymousAccessPolicy的违规，您的违例处理程序类必须以名称开头，并且必须实现IPolicyViolationHandler。所有违反政策的规则必须符合以下条件：
这样：

You have to define the name of the violation handler class correctly. It depends on the violation which needs to be handled. If you are handling the violation for DenyAnonymousAccessPolicy, your violation handler class must have the name start with the policy name and it must implement IPolicyViolationHandler. This rule must be followed for all policy violations like this:

public class DenyAnonymousAccessPolicyViolationHandler : IPolicyViolationHandler
{
    public ActionResult Handle(PolicyViolationException exception)
    {

        //Log the violation, send mail etc. etc.
        var rvd = new RouteValueDictionary(new
        {
            area = "",
            controller = "Account",
            action = "LogOn",
            statusDescription = exception.Message
        });
        return new RedirectToRouteResult(rvd);

    }
}

对于RequireRolePolicy，处理程序应该看起来像这样：

For RequireRolePolicy, the handler should look like this:

public class RequireRolePolicyViolationHandler : IPolicyViolationHandler
{
    public ActionResult Handle(PolicyViolationException exception)
    {

        //Log the violation, send mail etc. etc.
        var rvd = new RouteValueDictionary(new
        {
            area = "",
            controller = "Home",
            action = "Home",
            statusDescription = exception.Message
        });
        return new RedirectToRouteResult(rvd);

    }
}

查看此链接了解更多知识流利的安全策略违规处理程序。

Check this link for further knowledge on fluent security policy violation handlers.

https://github.com/kristofferahl/FluentSecurity/wiki/Policy-violation-handlers-2.0

希望它有帮助！

这篇关于从RequiredRole和其他策略捕获异常，以使用Fluent Security进行重定向的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！