我如何AuthorizeAttribute本地Administrators组中的ASP.NET MVC 3 Intranet应用程序工作？ [英] How do I make AuthorizeAttribute work with local Administrators group in ASP.NET MVC 3 intranet application?

问题描述

在此ASP.NET MVC 3 Intranet应用程序（使用MVC 3中创建的 Intranet应用的模板），用户会自动对广告进行身份验证，我想限制访问控制器的用户当地管理​​员组。为了实现这一点，我已经试过申请 AuthorizeAttribute 像这样：

In this ASP.NET MVC 3 intranet application (created using MVC 3 Intranet Application template), where users are authenticated automatically against AD, I'm trying to restrict access to a controller to users in the local Administrators group. In order to achieve this, I've tried to apply AuthorizeAttribute like so:

[Authorize(Roles = "Administrators")]
public class ElmahController : Controller

不过，即使我的AD用户（应用程序报告预期的用户已经被认证）是在当地管理​​员组，我不能获得对控制器时，接入 AuthorizeAttribute 应用。只有一个空白页出现。我在做什么错了？

However, even though my AD user (the application reports the expected user has been authenticated) is in the local Administrators group, I cannot gain access to the controller when AuthorizeAttribute is applied. Only a blank page comes up. What am I doing wrong?

在另一方面，我已经验证了我的指定特定用户的作品：

On the other hand, I've verified that specifying my particular user works:

[Authorize(Users = @"ad\arve")]
public class ElmahController : Controller

在这种情况下，我可以成功地检索限制页

In this case, I can retrieve the restricted page successfully.

编辑：
我发现， BUILTIN 预选赛小组工作：

[Authorize(Roles = @"BUILTIN\Administrators")]

这是通过 AuthorizeAttribute 虽然??

推荐答案

请按照我的教程的如何创建一个内联网站点使用ASP.NET MVC 你需要使用内置AspNetWindowsTokenRoleProvider类，它使用Windows组作为角色

Follow my tutorial How to Create an Intranet Site Using ASP.NET MVC You need to use the built-in AspNetWindowsTokenRoleProvider class , which uses Windows groups as roles

[Authorize(Roles = @"BUILTIN\Administrators")]

如果你是在IIS服务器上管理员才起作用。如果应用程序部署到贵公司生产服务器，则需要进行本地管理员在生产服务器上。

Will only work if you are an admin on the IIS server. If you deploy your application to a production server for your company, you will need to be made a local admin on the production server.

这篇关于我如何AuthorizeAttribute本地Administrators组中的ASP.NET MVC 3 Intranet应用程序工作？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！