ASP.NET核心更改AccessDenied路由
ASP.NET Core change AccessDenied route
我在路由 AccessDenied 时遇到了一些问题,可能 Login/Logout 路径也是如此。该项目是一个剥离的默认项目,没有更多的魔力。所以存在一个 Account 控制器和 AccessDenied() 方法。
我现在正在尝试的是(这是互联网商品提供的解决方案)
services.Configure<CookieAuthenticationOptions>(options =>
{
options.LoginPath = new PathString("/");
options.AccessDeniedPath = new PathString("/InactiveSponsor");
options.LogoutPath = new PathString("/");
});
但这绝对没有区别。那么有什么想法吗?关于为什么它不起作用以及如何使其起作用的任何想法。
这是我的 Startup.cs
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
if (env.IsDevelopment())
{
// This will push telemetry data through Application Insights pipeline faster, allowing you to view results immediately.
builder.AddApplicationInsightsSettings(developerMode: true);
}
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
string connection = "DefaultConnection";
//services.AddDbContext<SponsorContext>(options => options.UseSqlServer(connection));
services.AddDbContext<SponsorContext>(options => options.UseSqlServer(Configuration[$"Data:{connection}"]));
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<SponsorContext>()
.AddDefaultTokenProviders();
services.AddMvc();
services.AddAuthorization(options =>
{
options.AddPolicy(Policies.RequireAdmin, policy => policy.RequireRole(Roles.Administrator));
options.AddPolicy(Policies.IsSponsor, policy => policy.RequireRole(Roles.Sponsor));
options.AddPolicy(Policies.IsSponsorOrAdmin, policy => policy.RequireRole(Roles.Administrator, Roles.Sponsor));
});
/*
* AddTransient Different on each instance/use
* AddScoped Different instance on a per request basis
* AddSingleton Always the same instance
*/
//DI
services.AddScoped<ManageUserRepository>();
services.AddScoped<ISponsorManagement, SponsorRepository>();
services.AddScoped<ISponsorRead, SponsorRepository>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseStaticFiles();
app.UseIdentity();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
尝试
services.AddIdentity<ApplicationUser, IdentityRole>(op=>op.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor"))
.AddEntityFrameworkStores<SponsorContext>()
.AddDefaultTokenProviders();
或
services.Configure<IdentityOptions>(opt =>
{
opt.Cookies.ApplicationCookie.LoginPath = new PathString("/aa");
opt.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor");
opt.Cookies.ApplicationCookie.LogoutPath = new PathString("/");
});
如果有人在 ASP.NET 核心 2 中遇到类似问题,您可以将 services.Configure<CookieAuthenticationOptions>(...) 替换为 services.ConfigureApplicationCookie(),如下所示:
将此替换为您的 Startup.cs:
services.Configure<CookieAuthenticationOptions>(options =>
{
options.LoginPath = new PathString("/[your-path]");
options.AccessDeniedPath = new PathString("/[your-path]");
options.LogoutPath = new PathString("/[your-path]");
});
有了这个:
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = new PathString("/[your-path]");
options.AccessDeniedPath = new PathString("/[your-path]");
options.LogoutPath = new PathString("/[your-path]");
});
对于ASP.NET Core 2.x web app的类似问题,如果使用Azure AD /OpenID Connect进行身份验证,则可以通过这种方式更改路由。
services.AddAuthentication(options =>...)
.AddOpenIdConnect(options =>...)
.AddCookie(options =>
{
options.AccessDeniedPath = "/path/unauthorized";
options.LoginPath = "/path/login";
});
我在路由 AccessDenied 时遇到了一些问题,可能 Login/Logout 路径也是如此。该项目是一个剥离的默认项目,没有更多的魔力。所以存在一个 Account 控制器和 AccessDenied() 方法。
我现在正在尝试的是(这是互联网商品提供的解决方案)
services.Configure<CookieAuthenticationOptions>(options =>
{
options.LoginPath = new PathString("/");
options.AccessDeniedPath = new PathString("/InactiveSponsor");
options.LogoutPath = new PathString("/");
});
但这绝对没有区别。那么有什么想法吗?关于为什么它不起作用以及如何使其起作用的任何想法。
这是我的 Startup.cs
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
if (env.IsDevelopment())
{
// This will push telemetry data through Application Insights pipeline faster, allowing you to view results immediately.
builder.AddApplicationInsightsSettings(developerMode: true);
}
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
string connection = "DefaultConnection";
//services.AddDbContext<SponsorContext>(options => options.UseSqlServer(connection));
services.AddDbContext<SponsorContext>(options => options.UseSqlServer(Configuration[$"Data:{connection}"]));
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<SponsorContext>()
.AddDefaultTokenProviders();
services.AddMvc();
services.AddAuthorization(options =>
{
options.AddPolicy(Policies.RequireAdmin, policy => policy.RequireRole(Roles.Administrator));
options.AddPolicy(Policies.IsSponsor, policy => policy.RequireRole(Roles.Sponsor));
options.AddPolicy(Policies.IsSponsorOrAdmin, policy => policy.RequireRole(Roles.Administrator, Roles.Sponsor));
});
/*
* AddTransient Different on each instance/use
* AddScoped Different instance on a per request basis
* AddSingleton Always the same instance
*/
//DI
services.AddScoped<ManageUserRepository>();
services.AddScoped<ISponsorManagement, SponsorRepository>();
services.AddScoped<ISponsorRead, SponsorRepository>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseStaticFiles();
app.UseIdentity();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
尝试
services.AddIdentity<ApplicationUser, IdentityRole>(op=>op.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor"))
.AddEntityFrameworkStores<SponsorContext>()
.AddDefaultTokenProviders();
或
services.Configure<IdentityOptions>(opt =>
{
opt.Cookies.ApplicationCookie.LoginPath = new PathString("/aa");
opt.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor");
opt.Cookies.ApplicationCookie.LogoutPath = new PathString("/");
});
如果有人在 ASP.NET 核心 2 中遇到类似问题,您可以将 services.Configure<CookieAuthenticationOptions>(...) 替换为 services.ConfigureApplicationCookie(),如下所示:
将此替换为您的 Startup.cs:
services.Configure<CookieAuthenticationOptions>(options =>
{
options.LoginPath = new PathString("/[your-path]");
options.AccessDeniedPath = new PathString("/[your-path]");
options.LogoutPath = new PathString("/[your-path]");
});
有了这个:
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = new PathString("/[your-path]");
options.AccessDeniedPath = new PathString("/[your-path]");
options.LogoutPath = new PathString("/[your-path]");
});
对于ASP.NET Core 2.x web app的类似问题,如果使用Azure AD /OpenID Connect进行身份验证,则可以通过这种方式更改路由。
services.AddAuthentication(options =>...)
.AddOpenIdConnect(options =>...)
.AddCookie(options =>
{
options.AccessDeniedPath = "/path/unauthorized";
options.LoginPath = "/path/login";
});