为什么迟发型需要身份验证,查看仪表盘 [英] Why is Hangfire requiring authentication to view dashboard
问题描述
我正在迟发型我的MVC Web应用程序中,但每当我试图导航到的http:// MyApp的/迟发型,它重定向我到我的应用程序的登录页面,虽然我没有登录。
我还没有明确配置的授权......例如的任何要求。我有以下在web.config中,但随后拿出来在试图得到这个工作。
<位置路径=迟发型>
<&的System.Web GT;
<授权>
<让角色=管理员/>
<拒绝用户=*/>
< /授权>
< /system.web>
在理论上,这是我想要的东西,当我登录到我的主要的Web应用程序,我将与管理
角色的身份登录所以这个规则应该的工作。
不过,我是否有配置在web.config与否,每当我试图导航到的http:// MyApp的/迟发型,它重定向我到我的应用程序登录页面,在web.config配置:
<身份验证模式=表格>
<形式loginUrl =〜/帐号/登录超时=960/>
< /认证>
它不这样做我的本地机器上,就当我发表我的主机。难道迟发型无法识别身份验证cookie,我的主要的应用程序,当我登录提供?我认为在一般情况下,迟发型应用程序不需要身份验证,所以有什么其他的配置,可以认为它呢?
更新1:
我说的每迟发型文档授权过滤器,但同样的事情发生。这里是我的code在Startup.cs:
使用迟发型;
使用Hangfire.Logging;
使用Hangfire.Dashboard;
使用Hangfire.SqlServer;
使用Microsoft.Owin;
使用OTIS.Web.App code;
使用OTISScheduler.AppServ;
使用Owin;
使用System.Web.Security;[大会:OwinStartup(typeof运算(OTIS.Web.App_Start.Startup))]
命名空间OTIS.Web.App_Start
{
公共类启动
{
公共无效配置(IAppBuilder应用程序){ app.UseHangfire(配置=> {
config.UseSqlServerStorage(DefaultConnection);
config.UseServer(); //授权仪表板
config.UseAuthorizationFilters(新AuthorizationFilter
{
用户=USERA,//仅允许指定用户(逗号分隔的列表)
角色=帐户管理员,管理员//只允许指定的角色(逗号分隔的列表)
});
}); LogProvider.SetCurrentLogProvider(新StubLogProviderForHangfire()); GlobalJobFilters.Filters.Add(新AutomaticRetryAttribute {尝试= 0}); VAR scheduleTasksInitializer =新ScheduleTasksInitializer(); scheduleTasksInitializer.ScheduleTasks();
}
}
}
更新2:
每更显示了基本的身份验证的详细说明,我也尝试过这...仍然没有luck..redirects我对我的应用程序的登录页面。
config.UseAuthorizationFilters(
新BasicAuthAuthorizationFilter(
新BasicAuthAuthorizationFilterOptions
{
//需要仪表板安全连接
RequireSsl =假,
SslRedirect =假, //区分大小写登录检查
LoginCaseSensitive = TRUE, //用户
用户=新[]
{
新BasicAuthAuthorizationUser
{
登录=MyLogin //密码为纯文本
PasswordClear =MYPWD
}
}
}));
终于得到了它的工作。我创建了自己AuthorizationFilter类(见下文)。
然后,我通过了在Startup.cs配置方法MapHangfireDashboard方法(见下文了)
公共类HangFireAuthorizationFilter:个IAuthorizationFilter
{
公共BOOL授权(IDictionary的<字符串对象> owinEnvironment)
{
布尔boolAuthorizeCurrentUserToAccessHangFireDashboard = FALSE; 如果(HttpContext.Current.User.Identity.IsAuthenticated)
{
如果(HttpContext.Current.User.IsInRole(账户管理))
boolAuthorizeCurrentUserToAccessHangFireDashboard = TRUE;
} 返回boolAuthorizeCurrentUserToAccessHangFireDashboard;
}
}
要迟发型映射到一个自定义的网址,并指定AuthorizationFilter使用方法:
公共无效配置(IAppBuilder应用程序){ //从web.config中获取确定火起来迟发型调度与否 app.UseHangfire(配置=> {
config.UseSqlServerStorage(DefaultConnection);
config.UseServer();
}); //地图迟发型到一个URL,并指定授权过滤器使用,以允许访问
app.MapHangfireDashboard(/管理/工作,新的[] {新HangFireAuthorizationFilter()});}
I am running HangFire within my MVC web app but whenever I try to navigate to http://MyApp/hangfire, it redirects me to my app's login page as though I am not logged in.
I have not explicitly configured any requirements for authorization...e.g. I had the below in the web.config, but then took it out in attempts to get this to work.
<location path="hangfire">
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
In theory, this is what I'd want, and when I log into my main web application, I will be logged in with an Administrator
role so this rule should work.
But whether I have that configured in the web.config or not, whenever I try to navigate to http://MyApp/hangfire, it redirects me to my apps login page as configured in the web.config:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="960" />
</authentication>
It does NOT do this on my local machine, just when I publish to my host. Does HangFire not recognize the authentication cookie that my main app provides when I login? I thought in general, the hangfire app doesn't require authentication, so what other configuration could be thinking that it does?
UPDATE 1:
I added the authorization filters per the hangfire docs, but the same thing happens. Here is my code in Startup.cs:
using Hangfire;
using Hangfire.Logging;
using Hangfire.Dashboard;
using Hangfire.SqlServer;
using Microsoft.Owin;
using OTIS.Web.AppCode;
using OTISScheduler.AppServ;
using Owin;
using System.Web.Security;
[assembly: OwinStartup(typeof(OTIS.Web.App_Start.Startup))]
namespace OTIS.Web.App_Start
{
public class Startup
{
public void Configuration(IAppBuilder app) {
app.UseHangfire(config => {
config.UseSqlServerStorage("DefaultConnection");
config.UseServer();
//Dashboard authorization
config.UseAuthorizationFilters(new AuthorizationFilter
{
Users = "USERA", // allow only specified users (comma delimited list)
Roles = "Account Administrator, Administrator" // allow only specified roles(comma delimited list)
});
});
LogProvider.SetCurrentLogProvider(new StubLogProviderForHangfire());
GlobalJobFilters.Filters.Add(new AutomaticRetryAttribute { Attempts = 0 });
var scheduleTasksInitializer = new ScheduleTasksInitializer();
scheduleTasksInitializer.ScheduleTasks();
}
}
}
UPDATE 2:
Per the more detailed instructions showing basic authentication, I also tried this...still no luck..redirects me to my app's login page.
config.UseAuthorizationFilters(
new BasicAuthAuthorizationFilter(
new BasicAuthAuthorizationFilterOptions
{
// Require secure connection for dashboard
RequireSsl = false,
SslRedirect = false,
// Case sensitive login checking
LoginCaseSensitive = true,
// Users
Users = new[]
{
new BasicAuthAuthorizationUser
{
Login = "MyLogin",
// Password as plain text
PasswordClear = "MyPwd"
}
}
}));
Finally got it working. I created my own AuthorizationFilter class (see below). Then I passed that to the MapHangfireDashboard method in the Startup.cs Configuration method (see below that)
public class HangFireAuthorizationFilter : IAuthorizationFilter
{
public bool Authorize(IDictionary<string, object> owinEnvironment)
{
bool boolAuthorizeCurrentUserToAccessHangFireDashboard = false;
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if(HttpContext.Current.User.IsInRole("Account Administrator"))
boolAuthorizeCurrentUserToAccessHangFireDashboard = true;
}
return boolAuthorizeCurrentUserToAccessHangFireDashboard;
}
}
To map hangfire to a custom url and specify the AuthorizationFilter to use:
public void Configuration(IAppBuilder app) {
//Get from web.config to determine to fire up hangfire scheduler or not
app.UseHangfire(config => {
config.UseSqlServerStorage("DefaultConnection");
config.UseServer();
});
//map hangfire to a url and specify the authorization filter to use to allow access
app.MapHangfireDashboard("/Admin/jobs", new[] { new HangFireAuthorizationFilter() });
}
这篇关于为什么迟发型需要身份验证,查看仪表盘的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!