HTTPException on secured Pages after migrate to OWIN from FormsAuthentication with URLRouting - no Redirect to LoginPath
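I am developing an ASP.NET multi-tenant Web Forms application with URL routing.
With FormsAuthentication everything works fine.
When I switch to OWIN cookie authentication and request a secured page, I get the following error, but it should redirect to the login page.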
[HttpException (0x80004005): An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.]
System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +9727854
System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +82
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69
Route definition:

    // Default Organisation Route
    routes.MapPageRoute("",
        "de/{organisation}",
        "~/public/default.aspx",
        true,
        null,
        new RouteValueDictionary { { "organisation", organisationConstraint } });

    routes.MapPageRoute("",
        "de/{organisation}/profile",
        "~/secure/profile.aspx",
        true,
        null,
        new RouteValueDictionary { { "organisation", organisationConstraint } });

web.config:

    <system.web>
      <compilation debug="true" targetFramework="4.5.0" />
      <httpRuntime targetFramework="4.5.0" />
      <authorization>
        <deny users="?"/>
      </authorization>
      <authentication mode="None"></authentication>
      <sessionState mode="Off"></sessionState>
    </system.web>
    <location path="de">
      <system.web>
        <authorization>
          <allow users="*"/>
        </authorization>
      </system.web>
    </location>
    <location path="public">
      <system.web>
        <authorization>
          <allow users="*"/>
        </authorization>
      </system.web>
    </location>

Startup class:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        CookieSecure = CookieSecureOption.SameAsRequest,
        LoginPath = new PathString("/public/login.aspx")
    });

I have to implement Facebook authentication, but I cannot get it to work with the default CookieAuthentication.
How can I use OWIN with my URL structure?

I found my solution here: https://msdn.microsoft.com/en-us/magazine/dd347546.aspx
If you use MapPageRoute, there may be a bug in PageRouteHandler because of the nested URL structure:
de/{organisation} --> is allowed
de/{organisation}/profile --> not allowed
If you write your own RouteHandler and use UrlAuthorizationModule.CheckUrlAccessForPrincipal, everything works as expected.

    routes.Add("", new Route("de/{organisation}/profile",
        null,
        new RouteValueDictionary { { "organisation", organisationConstraint } },
        new WebFormRouteHandler("~/secure/profile.aspx", true)));

    // Namespaces required by WebFormRouteHandler
    using System.Web;
    using System.Web.Compilation;
    using System.Web.Routing;
    using System.Web.Security;
    using System.Web.UI;

    public class WebFormRouteHandler : IRouteHandler
    {
        public WebFormRouteHandler(string virtualPath)
            : this(virtualPath, true)
        {
        }

        public WebFormRouteHandler(string virtualPath, bool checkPhysicalUrlAccess)
        {
            this.VirtualPath = virtualPath;
            this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess;
        }

        public string VirtualPath { get; private set; }
        public bool CheckPhysicalUrlAccess { get; set; }

        public IHttpHandler GetHttpHandler(RequestContext requestContext)
        {
            // Apply the web.config <authorization> rules of the physical page, not of the routed URL.
            if (this.CheckPhysicalUrlAccess
                && !UrlAuthorizationModule.CheckUrlAccessForPrincipal(
                    this.VirtualPath,
                    requestContext.HttpContext.User,
                    requestContext.HttpContext.Request.HttpMethod))
            {
                // Answer 401 and end the request instead of serving the page.
                requestContext.HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Unauthorized;
                requestContext.HttpContext.Response.End();
            }

            var display = BuildManager.CreateInstanceFromVirtualPath(this.VirtualPath, typeof(Page)) as IHttpHandler;
            return display;
        }
    }
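
An added example, not part of the original answer: a variant of the route handler above that returns a small handler setting the status code instead of calling Response.End(), and answers 403 rather than 401 when the caller is already signed in, so that an authenticated user denied by an authorization rule is not redirected to the login page again. This goes beyond the question's web.config, which only denies anonymous users. The names ChallengeAwareRouteHandler and StatusCodeHandler are hypothetical, and the code assumes the OWIN cookie middleware from the question is registered.

```csharp
using System.Net;
using System.Web;
using System.Web.Compilation;
using System.Web.Routing;
using System.Web.Security;
using System.Web.UI;

// Hypothetical name: illustrative variant of WebFormRouteHandler, not the answer's code.
public class ChallengeAwareRouteHandler : IRouteHandler
{
    private readonly string virtualPath;

    public ChallengeAwareRouteHandler(string virtualPath)
    {
        this.virtualPath = virtualPath;
    }

    public IHttpHandler GetHttpHandler(RequestContext requestContext)
    {
        HttpContextBase context = requestContext.HttpContext;
        // Evaluate the <authorization> rules that apply to the physical page.
        bool allowed = UrlAuthorizationModule.CheckUrlAccessForPrincipal(
            this.virtualPath, context.User, context.Request.HttpMethod);
        if (allowed)
        {
            return (IHttpHandler)BuildManager.CreateInstanceFromVirtualPath(
                this.virtualPath, typeof(Page));
        }

        // Anonymous caller: 401, which the cookie middleware handles as a login challenge.
        // Signed-in caller denied by a rule: 403, so no redirect to the login page.
        bool signedIn = context.Request.IsAuthenticated;
        return new StatusCodeHandler(
            signedIn ? HttpStatusCode.Forbidden : HttpStatusCode.Unauthorized);
    }

    // Minimal handler (hypothetical) that only sets the response status code.
    private sealed class StatusCodeHandler : IHttpHandler
    {
        private readonly HttpStatusCode status;
        public StatusCodeHandler(HttpStatusCode status) { this.status = status; }
        public bool IsReusable { get { return true; } }
        public void ProcessRequest(HttpContext context)
        {
            context.Response.StatusCode = (int)this.status;
        }
    }
}
```

It is registered the same way as in the answer, with routes.Add and a Route whose last argument is new ChallengeAwareRouteHandler("~/secure/profile.aspx").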