如何使用Asp.Net身份2将用户添加到角色后无效.AspNet.ApplicationCookie？ [英] How to invalidate .AspNet.ApplicationCookie after Adding user to Role using Asp.Net Identity 2?

问题描述

我有2个涉及到的问题：

  

1）我需要添加后invalidate.AspNet.ApplicationCookie /
  删除使用Asp.Net身份2.一些远程用户角色我试着
  使用UpdateSecurityStamp，但由于没有密码或用户名
  改变，仍然SecurityStamp相同。当我使用ApplicationRoleManger
  我可以看到，用户角色被更新，但在User.Identity他们索赔
  保持不变。

  
  

2）如何.AspNet.ApplicationCookie验证工作，我怎么能
  访问它？

我试图用这个code，但没有效果。

<一个href=\"http://stackoverflow.com/questions/19487322/what-is-asp-net-identitys-iusersecuritystampstoretuser-interface\">What是ASP.NET身份的IUserSecurityStampStore＆LT;＆TUSER GT;接口？

更新：这是我的Cookie验证设置：

  app.UseCookieAuthentication（新CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie，
            LOGINPATH =新PathString（/帐号/登录），
            供应商=新CookieAuthenticationProvider
            {
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity＆LT; ApplicationUserManager，ApplicationUser＆GT;（
                    validateInterval：TimeSpan.FromSeconds（0），
                    regenerateIdentity：（经理，用户）=＆GT; user.GenerateUserIdentityAsync（经理））
                OnApplyRedirect = CTX =＆GT;
                {
                    如果（！IsApiRequest（ctx.Request））
                    {
                        ctx.Response.Redirect（ctx.RedirectUri）;
                    }
                }
            }
        }）;
 

我可以看到user.GenerateUserIdentityAsync（经理）仅在登录hitted。

解决方案

设置CookieAuthenticationOptions是不够的。当我创造了一切VS新的ASP.NET MVC项目工作好，GenerateUserIdentityAsync（）由每个请求hitted（如果validateInterval为0）。唯一的问题是，你必须每注册请求上下文：

  app.CreatePerOwinContext（ApplicationDbContext.Create）;
app.CreatePerOwinContext＆LT; ApplicationUserManager＆GT;（ApplicationUserManager.Create）;
 

由于我使用Winsdor城堡创建每个请求的情况下，我删除了模板这些行。
在ApplicationUserManager.Create注射方法设置UserTokenProvider，这确实神奇perharps。

无处在的文件是关于什么的，但最后却解决了这个问题。

如果您使用的是自己的IoC，您可以解决依赖这种方式（例如使用城堡Winsdor）

  app.CreatePerOwinContext（（）=＆GT; IoCContainerManager.Container.Resolve＆LT; ApplicationDBContext＆GT;（））;
app.CreatePerOwinContext（（）=＆GT; IoCContainerManager.Container.Resolve＆下; ApplicationUserManager＆GT;（））;
 

和注册类型是这样的：

<$p$p><$c$c>container.Register(Component.For<ApplicationDBContext>().LifestylePerWebRequest());
container.Register（Component.For＆LT; ApplicationUserManager＆GT;（）LifestylePerWebRequest（））;

I have 2 questions related to that:

1) I need to invalidate.AspNet.ApplicationCookie after Adding / Removing some remote user to Role using Asp.Net Identity 2. I Tried to use UpdateSecurityStamp, but since no password or username is changed, SecurityStamp remains same. When I use ApplicationRoleManger I can see that User roles are updated but in User.Identity Claims they stay unchanged.

2) How does .AspNet.ApplicationCookie Validation work and how can I access it?

I was trying to use this code, but with no effect

What is ASP.NET Identity's IUserSecurityStampStore<TUser> interface?

Update: This is my Cookie Auth setting:

 app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromSeconds(0),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)),
                OnApplyRedirect = ctx =>
                {
                    if (!IsApiRequest(ctx.Request))
                    {
                        ctx.Response.Redirect(ctx.RedirectUri);
                    }
                }
            }
        });

I can see that user.GenerateUserIdentityAsync(manager) is hitted only on login.

解决方案

Setting CookieAuthenticationOptions is not enough. When I created new ASP.NET MVC project in VS everything is working good and GenerateUserIdentityAsync() is hitted by each request (if validateInterval is 0). The only problem was that you have to register context per request:

app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

As I am using Winsdor Castle to create context per request, I deleted these lines from template. In injected method in ApplicationUserManager.Create is set UserTokenProvider, which does the magic perharps.

Nowhere in documentation is anything about that, but finally it solves the problem.

If you are using your own IoC, you can resolve dependency this way (eg. using Castle Winsdor)

app.CreatePerOwinContext(() => IoCContainerManager.Container.Resolve<ApplicationDBContext>());
app.CreatePerOwinContext(() => IoCContainerManager.Container.Resolve<ApplicationUserManager>());

and register types this way:

container.Register(Component.For<ApplicationDBContext>().LifestylePerWebRequest());
container.Register(Component.For<ApplicationUserManager>().LifestylePerWebRequest());

这篇关于如何使用Asp.Net身份2将用户添加到角色后无效.AspNet.ApplicationCookie？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！