ClaimsAuthorizationManager的AuthorizationContext参数不包含incomingPrincipal的声明 [英] AuthorizationContext parameter of ClaimsAuthorizationManager does not contain claims of incomingPrincipal
问题描述
我在MVC 4应用程序中遗漏了一些重要内容。
I'm missing something important in my MVC 4 Application.
我正在使用被动ws-fed和我的ACS。 工作得很漂亮。
I am using passive ws-fed with my ACS. Works beautifully.
我有一个简单的自定义声明身份验证管理器,除了调用base.Authenticate()之外我什么都不做。 当我在此方法中设置断点并检查incommingPrincipal时,我可以枚举Claims集合并查看我的ACS发布的声明。
I have a simple Custom ClaimsAuthenticationManager where I do nothing but call the base.Authenticate(). When I set a breakpoint in this method and inspect the incommingPrincipal I can enumerate the Claims collection and see the claims that my ACS issued.
Next
我有一个简单的Custom ClaimsAuthorizationManager。 我在CheckAccess方法中设置了一个断点。 当我检查context.Principal并尝试枚举Claim集合时,函数超时。 它试图以旧的方式使用RoleProvider来读取我的SQLProvider
。
I have a simple Custom ClaimsAuthorizationManager. I have set a breakpoint in my CheckAccess method. When I inspect the context.Principal and try to enumerate Claims collection the function times out. It is trying to read my SQLProvider as in the old way of using a RoleProvider.
但是...... 如果我检查context.Principal.Identity.ClaimsPrincipal.m_instanceClaims我可以列举身份声明。 而context.Principal.Identity.ClaimsPrincipal.Claims集合也列举并向我展示了声明。
BUT... If I inspect the context.Principal.Identity.ClaimsPrincipal.m_instanceClaims I can enumerate the claims for the identity. And the context.Principal.Identity.ClaimsPrincipal.Claims collection also enumerates and shows me the claims.
这对我来说似乎很奇怪。 起初我认为与context有一些脱节。主要类型为System.Web.Security.RolePrincipal,context.Principal.Identity.ClaimsPrincipal属于System.Security.Claims.ClaimsPrincipal类型。
除了context.Principal.Claims正在调用System.Security.Claims.ClaimsPrincipal.getClaims(),它与context.Principal.Identity.ClaimsPrincipal.Claims相同。
And that seems weird to me. At first I thought there was some disconnect with context.Principal being of type System.Web.Security.RolePrincipal and context.Principal.Identity.ClaimsPrincipal being of type System.Security.Claims.ClaimsPrincipal. Except that context.Principal.Claims is calling System.Security.Claims.ClaimsPrincipal.getClaims(), which is the same as context.Principal.Identity.ClaimsPrincipal.Claims.
我必须遗漏一些简单的东西。
I have to be missing something simple.
Sharpester
Sharpester
推荐答案
有点更新。 我使用的是WIF 4.5。 我对这些类进行了一些反思,而RolePrincipal似乎正在迭代Identities集合并使用所有Identities中的所有声明填充角色。
A bit of an update. I am using WIF 4.5. I did a little bit of reflection on the classes and RolePrincipal appears to be iterating over the Identities collection and populating Roles with all Claims from all Identities.
就好像发生某种状态腐败一样。
It's as if there is some sort of state corruption occurring.
这篇关于ClaimsAuthorizationManager的AuthorizationContext参数不包含incomingPrincipal的声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
