asp.net-mvc – 用户不在角色时的ASP.NET登录重定向循环
我在ASP.NET MVC 5中实现角色时遇到了一些困难.我试图以没有访问我想要访问的应用程序区域所需角色的用户身份登录.在这种情况下我期望的是,我再次被重定向到登录页面,直到我输入一组有访问权限的凭据或我导航到应用程序的另一个区域.
实际发生的是应用程序似乎进入登录重定向循环,调试通过显示多次调用Login操作. 这是登录操作: [AllowAnonymous] public ActionResult Login(string returnUrl) { ViewBag.ReturnUrl = returnUrl; return View(); } 这会导致IIS生成错误: HTTP Error 404.15 - Not Found The request filtering module is configured to deny a request where the query string is too long. 查询字符串如下所示: http://localhost/MyApplication/Account/Login?ReturnUrl=%2FMyApplication%2FAccount%2FLogin%3FReturnUrl%3D%252FMyApplication%252FAccount%252FLogin%253FReturnUrl%253D%25252FMyApplication%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FMyApplication%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FMyApplication%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FMyApplication%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FMyApplication%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FMyApplication%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FMyApplication%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FMyApplication%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FMyApplication%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FMyApplication%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FMyApplication%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FMyApplication%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FMyApplication%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FMyApplication%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FMyApplication%252525252525252525252525252525252F 我从一个有效的解决方案(虽然没有基于角色的授权)到我当前破碎的情况所做的唯一改变是在成功登录时重定向到控制器上面添加以下内容: [Authorize(Roles = "Staff")] 正如我之前所说,我登录的用户不是这个角色,但我希望在没有循环的情况下,理智,单一重定向到Login. 编辑:请求bu @dima,通过过滤器应用授权的详细信息……我有以下内容: public class FilterConfig { public static void RegisterGlobalFilters(GlobalFilterCollection filters) { filters.Add(new HandleErrorAttribute()); filters.Add(new AuthorizeAttribute()); } } 但是,我已经测试了使用和不使用此行的应用程序,并且重定向循环继续有增无减. 解决方法
虽然这个问题很老,但我遇到了同样的问题并找到了解决方案.
最初,我添加了相同的AuthorizationAttribute过滤器,并发现自己在同一个循环中.然后我把它拿走并开始将authorize属性添加到各个控制器,并发现无限循环仅在将authorize属性添加到我的家庭控制器时发生.事实证明我的HomeController在我的AccountController之后被调用了. 问题 在我的_Layout.cshtml中,我调用了以下内容: @Html.Action("LeftNav","Home") 布局页面将正确呈现正文,但是当它到达时,它正在命中具有授权属性的控制器方法.这导致重定向到帐户/登录. 将AllowAnonymous属性添加到LeftNav操作解决了该问题. 解决方案 确保您的“登录”视图和布局不会调用具有authorize属性的任何操作. 自从发现这一点以来,我为未经授权的请求创建了一个自定义布局,以避免出现更多此类潜在问题. (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- asp.net-core – 在asp.net 5 mvc中找不到css,js和img文件
- asp.net – 每个应用程序池的内存使用
- asp.net-web-api – 找不到Web API路由404
- asp.net – 为什么Global.asax中的HttpContext.Current.Ses
- Asp.Net百度站长工具的主动推送功能
- .net – 列表框在autopostback上滚动到顶部
- asp.net – 用于集成的IIS 7的自定义HttpModule
- asp.net – 错误:类型存在于两个目录中
- asp.net-mvc – 在MVC视图中,如果在表单标记中没有指定,则调
- 我心中的ASP.NET Core 新核心对象WebHost(二)
- asp.net – 什么是部分回发?
- asp.net – 使用sql helper时出现超时问题(Micro
- asp.net-mvc – Jasmine在一个单独的测试项目中
- asp.net – 有没有办法以编程方式设置Elmah中的应
- asp.net – 如何在Repeater中查找控件
- asp.net-mvc – 如何开始使用多租户MVC应用程序
- asp.net – 使用jquery调用ascx页面方法
- ASP.NET Web Forms jQuery
- .net – RegularExpressionValidator使用除R??eg
- asp.net-mvc – Razor ViewEngine HTML.Checkbox