ASP Core Azure Active Directory登录使用角色 [英] ASP Core Azure Active Directory Login use roles
问题描述
我创建了一个Azure Active Directory应用程序,我想使用基于角色的安全性.我按照以下教程进行操作: https ://azure.microsoft.com/zh-CN/resources/samples/active-directory-dotnet-webapp-openidconnect-aspnetcore/
I created an Azure Active Directory Application and i want to use role based security. I followed the tutorial on: https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-webapp-openidconnect-aspnetcore/
登录有效,我将角色添加到应用程序清单中,并将角色Approver
分配给我自己的帐户.现在我想使用这些角色.
The login works, I added roles to the application manifest and assigned the role Approver
to my own account. Now i want to use these roles.
登录后,控制器中将执行以下操作:
After login the following works in the controller:
[Authorize]
但是在添加角色时,用户无权授权:
But when adding the role the user is not authorized:
[Authorize(Roles="Approver")]
以下内容还返回false:
Also the following returns false:
User.IsInRole("Approver");
似乎角色没有恢复,关于如何向此演示项目中添加角色功能的任何建议?
It seems the roles are not retreived, any suggestions on how to add the role functionality to this demo project?
推荐答案
将角色分配给account之后,此代码示例对我有用.请在以下行中调试应用程序:User.IsInRole("Approver"); ,检查用户声明中是否存在{http://schemas.microsoft.com/ws/2008/06/identity/claims/role: Approver}
.并确保您添加角色,其中allowedMemberTypes是用户,例如:
This code sample works for me after assign roles to account . Please debug application in this line: User.IsInRole("Approver"); , check whether {http://schemas.microsoft.com/ws/2008/06/identity/claims/role: Approver}
exists in user claims . And make sure you add roles which allowedMemberTypes is user , for example :
{
"allowedMemberTypes": [
"User"
],
"displayName": "Approver",
"id": "fc803414-3c61-4ebc-a5e5-cd1675c14bbb",
"isEnabled": true,
"description": "Approvers have the ability to change the status of tasks.",
"value": "Approver"
},
您已经在Enterprise applications
-> All applications
->中找到了用户角色,然后找到了应用程序-> Users and groups
->添加/编辑用户并分配了角色:
And you have assign the user role in Enterprise applications
-->All applications
--> find your app-->Users and groups
--> add/edit a user and assign roles :
这篇关于ASP Core Azure Active Directory登录使用角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!