asp.net核心3.1未经授权401重定向到未经授权的razorpage无法正常工作 [英] asp.net core 3.1 unauthorized 401 redirect to an unauthorized razorpage not working
问题描述
我是.net core的新手,但在asp.net中已经发展了几年.我有一个基于Windows AD身份验证的核心站点.我正在使用广告组来控制访问,我的剃须刀索引页面已设置为广告组
I am new to .net core but have developed in asp.net for a few years. I have a site in core that is Windows AD based auth. I am using AD groups to control access, my razor index page is setup for an AD group
[Authorize(Policy = "ADRoleOnly")]
当不是该组成员的用户尝试访问剃刀索引页面时,将得到403拒绝.我试图弄清楚如何将它们重定向到我设置为"/unAuthAccess"的剃刀页面..此"/unAuthAccess"剃刀页设置为
when a user that is not part of the group tries to access the razor index page they get a 403 denied. I am trying to figure out how to redirect them to a razor page i have setup as "/unAuthAccess" . This "/unAuthAccess" razorpage is set to
[AllowAnonymous]
并且我验证了AD组中的用户可以查看此"/unAuthAccess"页面正常,以及不属于AD组的用户都获得403,因此allowanonymous适用于/unAuthAccess页面.
and i verified that users in the AD group can view this '/unAuthAccess" page fine, as well as users that are not part of the AD group that get the 403, so the allowanonymous is working for the /unAuthAccess page.
因此,当任何用户点击我在该策略中设置的任何页面(如果他们无权查看该页面)时,我都不知道该在何处或如何进行重定向.
so i don't know where or HOW to put in a redirect when any users hits any page i have set with the policy when they don't have authorization to view it.
[Authorize(Policy = "ADRoleOnly")]
我已经在Startup.cs中尝试了以下两种状态,分别为401和403
I have tried in Startup.cs the following with both 401 and 403 status
app.UseStatusCodePages(async context =>
{
if (context.HttpContext.Response.StatusCode == 401)
{
app.Use(async (context, next) =>
{
context.Request.Path = "/UnAuthAccess";
await next();
});
}
});
这不起作用.所以我尝试了
which did not work. so then i tried
app.UseStatusCodePagesWithRedirects("/Errors/{0}");
,将剃刀页设置为"/Errors/401"以及"/Errors/403"我不记得应该将其设置为哪一个,并从用户那里捕获unAuth访问.
with the razor page set to "/Errors/401" and also "/Errors/403" i couldn't remember which one it should be set to and catch the unAuth access from the user.
无论哪种方式,用户都不会重定向到我的razorpage,而我只是收到标准的浏览器HTTP错误403拒绝消息.
either way the user doesn't get redirected to my razorpage and i just get a standard browser HTTP error 403 denied message.
只是寻求有关重定向如何在核心中工作的帮助???我应该直接从剃须刀页面的cs/后端代码中以某种方式直接进行重定向吗?
just looking for help on how redirects work in core??? should i be doing the redirect somehow directly from the razor page cs/backend code if so how??
我使用Global.asax在旧的asp.net 4.x中运行此方法,但是该方法在core:(
I have this working in old asp.net 4.x using Global.asax, but this method does not work in core :(
if (Response.StatusCode == 401 && Request.IsAuthenticated)
{
Response.Redirect("~/unauthAccess.aspx");
}
推荐答案
我想通了,我不得不移动这行
i figured it out , i had to move the line
app.UseStatusCodePagesWithRedirects("Errors/{0}");
到Startup.cs中的静态文件和路由调用之前
to before staticfiles and routing calls in Startup.cs
if (env.IsDevelopment())
{
//sets ad domain and mail server for specific test environments
misc.ad_domain = "corp.emc.com";
misc.smtp_server = "mailhub.lss.emc.com";
app.UseStatusCodePagesWithRedirects("/Errors/{0}");
app.UseDeveloperExceptionPage();
}
else
{
app.UseStatusCodePagesWithRedirects("/Errors/{0}");
app.UseDeveloperExceptionPage();
//app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseStaticFiles();
app.UseRouting();
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
是的,我知道我只是将它放在enI.Development中进行调试测试.我希望这可以帮助其他任何人从以前的.net进入asp.net核心,我知道这对我来说是一个学习过程,可以将东西放置在Startup.cs中.
yes i know i just put it in env.IsDevelopment for my debug testing. I hope this helps anyone else moving into asp.net core from previous .net i know it was a learning curve for me on where stuff gets placed in Startup.cs
使用此设置,我不得不将我的剃刀页面路由从"/unAuthAccess"更改为到"Errors/401",以显示我的未认证页面:)
with this setup i had to change my razor page route from "/unAuthAccess" to "Errors/401", to get my unauth page to display :)
这篇关于asp.net核心3.1未经授权401重定向到未经授权的razorpage无法正常工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!