使用 URLRouting 从 FormsAuthentication 迁移到 OWIN 后安全页面上的 HTTPException - 不重定向到 LoginPath

Question

我正在开发具有 URL 路由的 asp.net 多租户网络表单应用程序。

使用 formsAuthentication 一切正常。

当我切换到 OWIN Cookie 身份验证并请求安全页面时，出现以下错误，但它应该重定向到登录页面。

[HttpException (0x80004005): An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.]

System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +9727854 System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +82 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69

路由定义：

//Default Organisation Route
routes.MapPageRoute("",
            "de/{organisation}",
            "~/public/default.aspx",
            true,
            null,
            new RouteValueDictionary { { "organisation", organisationConstraint } });


routes.MapPageRoute("",
                "de/{organisation}/profile",
                "~/secure/profile.aspx",
                true,
                null,
                new RouteValueDictionary { { "organisation", organisationConstraint } });

web.config:

<system.web>
    <compilation debug="true" targetFramework="4.5.0" />
    <httpRuntime targetFramework="4.5.0" />
    <authorization>
        <deny users="?"/>
    </authorization>
    <authentication mode="None"></authentication>
    <sessionState mode="Off"></sessionState>
</system.web>

<location path="de">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>
<location path="public">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>

启动Class:

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            CookieSecure = CookieSecureOption.SameAsRequest,
            LoginPath = new PathString("/public/login.aspx")
        });

我必须实施 facebook 身份验证，但我无法使用默认的 CookieAuthentication 来处理它。

如何将 OWIN 与我的 URL 结构一起使用？

Answer 1

我在这里找到了我的解决方案：https://msdn.microsoft.com/en-us/magazine/dd347546.aspx

如果您使用 MapPageRoute，可能在 PageRouteHandler 中存在错误，因为嵌套的 URL 结构：

de/{organisation} --> is allowed

de/{organisation}/profile --> not allowed

如果您编写自己的 RouteHandler 并使用 UrlAuthorizationModule.CheckUrlAccessForPrincipal，一切都会按预期工作。

routes.Add("", new Route("de/{organisation}/profile",
                                        null,
                                        new RouteValueDictionary { { "organisation", organisationConstraint } },
                                        new WebFormRouteHandler("~/secure/profile.aspx", true)));

public class WebFormRouteHandler : IRouteHandler
{
    public WebFormRouteHandler(string virtualPath)
        : this(virtualPath, true)
    {
    }

    public WebFormRouteHandler(string virtualPath, bool checkPhysicalUrlAccess)
    {
        this.VirtualPath = virtualPath;
        this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess;
    }

    public string VirtualPath { get; private set; }

    public bool CheckPhysicalUrlAccess { get; set; }

    public IHttpHandler GetHttpHandler(RequestContext requestContext)
    {
        if (this.CheckPhysicalUrlAccess && !UrlAuthorizationModule.CheckUrlAccessForPrincipal(this.VirtualPath, requestContext.HttpContext.User, requestContext.HttpContext.Request.HttpMethod))
        {
            requestContext.HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Unauthorized;
            requestContext.HttpContext.Response.End();
        }

        var display = BuildManager.CreateInstanceFromVirtualPath(this.VirtualPath, typeof(Page)) as IHttpHandler;

        return display;
    }
}