MVC 中授权失败时弹出 Windows 安全窗口(Authorization failed),如何解决
How to solve windows security window prompt for Authorization failed in mvc
我的问题:
当用户既没有经理角色也没有管理员角色时,我需要重定向到错误页面或弹出提示消息。但是当授权检查返回 "false" 时,会弹出 Windows 安全密码窗口;再次输入用户名和密码后,仍然弹出 Windows 安全密码窗口。
我必须检查每个操作方法,并且需要显示消息或错误页面。如何解决这个问题?
控制器代码:
// Action guarded by the custom AuthorizeUser filter; only the listed roles may reach it.
// NOTE(review): the AuthorizeUserAttribute constructor shown with this action declares
// `params int[] roles`, so string role names would not bind to it as written - confirm
// which form the real attribute uses.
[AuthorizeUser("Manager","Admin")]
public ActionResult Contact()
{
    var contactView = View();
    return contactView;
}
C#代码:
// Records the role ids that are allowed through the filter.
// NOTE(review): the usage shown on the controller passes string names ("Manager", "Admin")
// while this signature takes int ids - confirm which one is intended.
public AuthorizeUserAttribute(params int[] roles)
{
    this.allowedroles = roles;
}
/// <summary>
/// Allows the request when the logged-in user holds at least one of the allowed role ids.
/// </summary>
/// <param name="httpContext">Current request context; not read by this implementation.</param>
/// <returns><c>true</c> on the first matching role, otherwise <c>false</c>.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // NOTE(review): base.AuthorizeCore is not called, so the decision rests entirely on what
    // GetUserRoleDetail returns for CommonStaticHelper.getLoggedUser(); the framework's own
    // authentication check is presumably skipped - confirm that is intended.
    var userRoles = _objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
    foreach (var allowedRole in allowedroles)
    {
        if (!userRoles.Exists(m => m.RoleId == allowedRole))
        {
            continue;
        }

        /* the current (active) user holds one of the allowed roles */
        return true;
    }

    // Deny by default when no allowed role matched.
    return false;
}
/// <summary>
/// Answers every denied request with an HTTP 401 result.
/// </summary>
/// <param name="filterContext">Authorization context whose Result is replaced.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    // A 401 is sent even when the caller is already signed in and merely lacks the role.
    // Under Windows authentication the browser reacts to a 401 by asking for credentials
    // again, which matches the repeated "Windows Security" prompt described in the question.
    var unauthorized = new HttpUnauthorizedResult();
    filterContext.Result = unauthorized;
}
/// 试试这个:
///Create an action :
// Landing page for signed-in users who lack the required role.
// NOTE(review): this action must stay reachable without the role filter; if it were guarded
// by the same attribute, a user without the role would presumably be redirected here in a loop.
public ActionResult Unauthorized()
{
    var unauthorizedView = View();
    return unauthorizedView;
}
//// now write below code for authorization
/// <summary>
/// Separates "not signed in" from "signed in but not permitted" when access is denied.
/// </summary>
/// <param name="filterContext">Authorization context whose Result is set.</param>
protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
{
    if (!filterContext.HttpContext.Request.IsAuthenticated)
    {
        // Not signed in: keep the base behaviour so the normal authentication challenge runs.
        base.HandleUnauthorizedRequest(filterContext);
        return;
    }

    // Signed in but lacking the role: asking for credentials again cannot help, so send the
    // user to Error/Unauthorized instead of returning another 401.
    // NOTE(review): the target action has to live on the "Error" controller and must not be
    // protected by this same filter.
    var errorRoute = new RouteValueDictionary(new { controller = "Error", action = "Unauthorized" });
    filterContext.Result = new RedirectToRouteResult(errorRoute);
}
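/// <summary>
/// Runs the base attribute's check first, then requires that the logged-in user holds at
/// least one of the allowed role ids.
/// </summary>
/// <param name="httpContext">Current request context, passed to the base check.</param>
/// <returns><c>true</c> only when the base check passes and a role matches.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The original snippet assigned to an undeclared `authorize` variable and never closed
    // the method body; both are fixed here by returning the result directly.
    if (!base.AuthorizeCore(httpContext))
    {
        // The user is not authenticated (or was rejected by the base attribute's own settings).
        return false;
    }

    var getList = _objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
    if (getList == null)
    {
        // Fail closed: no role information means no access, rather than an exception mid-check.
        return false;
    }

    foreach (var role in allowedroles)
    {
        if (getList.Exists(m => m.RoleId == role))
        {
            /* the current (active) user holds one of the allowed roles */
            return true;
        }
    }

    // Deny by default when no allowed role matched.
    return false;
}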
创建您自己的过滤器,例如
/// <summary>
/// Authorization filter that compares the allowed role names with the roles held in
/// PortalWebSessionManager.ActivePortalSettings.ActiveRoles.
/// </summary>
public class AuthorityAttribute : AuthorizeAttribute
{
    // Role names accepted by this filter instance.
    private readonly string[] allowedroles;

    public AuthorityAttribute(params string[] roles)
    {
        allowedroles = roles;
    }

    /// <summary>
    /// Returns true as soon as one active role name equals one of the allowed names.
    /// </summary>
    /// <param name="httpContext">Current request context; not read by this implementation.</param>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // NOTE(review): base.AuthorizeCore is not called; the decision relies only on the
        // roles stored by PortalWebSessionManager - confirm that store is populated only
        // after a successful sign-in.
        foreach (var allowedRole in allowedroles)
        {
            var activeRoles = PortalWebSessionManager.ActivePortalSettings.ActiveRoles;
            if (activeRoles == null)
            {
                continue;
            }

            foreach (IDynamics.IDynamicsPortal.DataComponent.Roles activeRole in activeRoles)
            {
                if (activeRole.RoleName == allowedRole)
                {
                    return true;
                }
            }
        }

        // Deny by default when no role name matched.
        return false;
    }

    /// <summary>
    /// Answers every denied request with an HTTP 401 result.
    /// </summary>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // NOTE(review): a 401 is returned even for signed-in users who only lack the role;
        // under Windows authentication that presumably still produces the credential prompt
        // the question is trying to avoid.
        var unauthorized = new HttpUnauthorizedResult();
        filterContext.Result = unauthorized;
    }
}
并调用该过滤器
我的问题:
当用户既没有经理角色也没有管理员角色时,我需要重定向到错误页面或弹出提示消息。但是当授权检查返回 "false" 时,会弹出 Windows 安全密码窗口;再次输入用户名和密码后,仍然弹出 Windows 安全密码窗口。
我必须检查每个操作方法,并且需要显示消息或错误页面。如何解决这个问题?
控制器代码:
// Action guarded by the custom AuthorizeUser filter; only the listed roles may reach it.
// NOTE(review): the AuthorizeUserAttribute constructor shown with this action declares
// `params int[] roles`, so string role names would not bind to it as written - confirm
// which form the real attribute uses.
[AuthorizeUser("Manager","Admin")]
public ActionResult Contact()
{
    var contactView = View();
    return contactView;
}
C#代码:
// Records the role ids that are allowed through the filter.
// NOTE(review): the usage shown on the controller passes string names ("Manager", "Admin")
// while this signature takes int ids - confirm which one is intended.
public AuthorizeUserAttribute(params int[] roles)
{
    this.allowedroles = roles;
}
/// <summary>
/// Allows the request when the logged-in user holds at least one of the allowed role ids.
/// </summary>
/// <param name="httpContext">Current request context; not read by this implementation.</param>
/// <returns><c>true</c> on the first matching role, otherwise <c>false</c>.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // NOTE(review): base.AuthorizeCore is not called, so the decision rests entirely on what
    // GetUserRoleDetail returns for CommonStaticHelper.getLoggedUser(); the framework's own
    // authentication check is presumably skipped - confirm that is intended.
    var userRoles = _objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
    foreach (var allowedRole in allowedroles)
    {
        if (!userRoles.Exists(m => m.RoleId == allowedRole))
        {
            continue;
        }

        /* the current (active) user holds one of the allowed roles */
        return true;
    }

    // Deny by default when no allowed role matched.
    return false;
}
/// <summary>
/// Answers every denied request with an HTTP 401 result.
/// </summary>
/// <param name="filterContext">Authorization context whose Result is replaced.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    // A 401 is sent even when the caller is already signed in and merely lacks the role.
    // Under Windows authentication the browser reacts to a 401 by asking for credentials
    // again, which matches the repeated "Windows Security" prompt described in the question.
    var unauthorized = new HttpUnauthorizedResult();
    filterContext.Result = unauthorized;
}
/// 试试这个:
///Create an action :
// Landing page for signed-in users who lack the required role.
// NOTE(review): this action must stay reachable without the role filter; if it were guarded
// by the same attribute, a user without the role would presumably be redirected here in a loop.
public ActionResult Unauthorized()
{
    var unauthorizedView = View();
    return unauthorizedView;
}
//// now write below code for authorization
/// <summary>
/// Separates "not signed in" from "signed in but not permitted" when access is denied.
/// </summary>
/// <param name="filterContext">Authorization context whose Result is set.</param>
protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
{
    if (!filterContext.HttpContext.Request.IsAuthenticated)
    {
        // Not signed in: keep the base behaviour so the normal authentication challenge runs.
        base.HandleUnauthorizedRequest(filterContext);
        return;
    }

    // Signed in but lacking the role: asking for credentials again cannot help, so send the
    // user to Error/Unauthorized instead of returning another 401.
    // NOTE(review): the target action has to live on the "Error" controller and must not be
    // protected by this same filter.
    var errorRoute = new RouteValueDictionary(new { controller = "Error", action = "Unauthorized" });
    filterContext.Result = new RedirectToRouteResult(errorRoute);
}
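/// <summary>
/// Runs the base attribute's check first, then requires that the logged-in user holds at
/// least one of the allowed role ids.
/// </summary>
/// <param name="httpContext">Current request context, passed to the base check.</param>
/// <returns><c>true</c> only when the base check passes and a role matches.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The original snippet assigned to an undeclared `authorize` variable and never closed
    // the method body; both are fixed here by returning the result directly.
    if (!base.AuthorizeCore(httpContext))
    {
        // The user is not authenticated (or was rejected by the base attribute's own settings).
        return false;
    }

    var getList = _objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
    if (getList == null)
    {
        // Fail closed: no role information means no access, rather than an exception mid-check.
        return false;
    }

    foreach (var role in allowedroles)
    {
        if (getList.Exists(m => m.RoleId == role))
        {
            /* the current (active) user holds one of the allowed roles */
            return true;
        }
    }

    // Deny by default when no allowed role matched.
    return false;
}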
创建您自己的过滤器,例如
/// <summary>
/// Authorization filter that compares the allowed role names with the roles held in
/// PortalWebSessionManager.ActivePortalSettings.ActiveRoles.
/// </summary>
public class AuthorityAttribute : AuthorizeAttribute
{
    // Role names accepted by this filter instance.
    private readonly string[] allowedroles;

    public AuthorityAttribute(params string[] roles)
    {
        allowedroles = roles;
    }

    /// <summary>
    /// Returns true as soon as one active role name equals one of the allowed names.
    /// </summary>
    /// <param name="httpContext">Current request context; not read by this implementation.</param>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // NOTE(review): base.AuthorizeCore is not called; the decision relies only on the
        // roles stored by PortalWebSessionManager - confirm that store is populated only
        // after a successful sign-in.
        foreach (var allowedRole in allowedroles)
        {
            var activeRoles = PortalWebSessionManager.ActivePortalSettings.ActiveRoles;
            if (activeRoles == null)
            {
                continue;
            }

            foreach (IDynamics.IDynamicsPortal.DataComponent.Roles activeRole in activeRoles)
            {
                if (activeRole.RoleName == allowedRole)
                {
                    return true;
                }
            }
        }

        // Deny by default when no role name matched.
        return false;
    }

    /// <summary>
    /// Answers every denied request with an HTTP 401 result.
    /// </summary>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // NOTE(review): a 401 is returned even for signed-in users who only lack the role;
        // under Windows authentication that presumably still produces the credential prompt
        // the question is trying to avoid.
        var unauthorized = new HttpUnauthorizedResult();
        filterContext.Result = unauthorized;
    }
}
并调用该过滤器