asp.net-mvc – HttpContext.Current.User.IsInRole不能正常工作

发布时间：2020-12-16 06:30:34 所属栏目：asp.Net 来源：网络整理

导读：在我的控制器AuthController / signin我有这个代码： entities.UserAccount user = (new BLL.GestionUserAccount()).authentifier(email,password); //storing the userId in a cookie string roles = (new BLL.GestionUserAccount()).GetUserRoles(user.IdU

在我的控制器AuthController / signin我有这个代码：

entities.UserAccount user = (new BLL.GestionUserAccount()).authentifier(email,password);
            //storing the userId in a cookie
            string roles = (new BLL.GestionUserAccount()).GetUserRoles(user.IdUser);
            // Initialize FormsAuthentication,for what it's worth

            FormsAuthentication.Initialize();

            //

            FormsAuthentication.SetAuthCookie(user.IdUser.ToString(),false);

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,// Ticket version
            user.IdUser.ToString(),// Username associated with ticket
            DateTime.Now,// Date/time issued
            DateTime.Now.AddMinutes(30),// Date/time to expire
            true,// "true" for a persistent user cookie
            roles,// User-data,in this case the roles
            FormsAuthentication.FormsCookiePath);// Path cookie valid for

            // Encrypt the cookie using the machine key for secure transport
            string hash = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(
               FormsAuthentication.FormsCookieName,// Name of auth cookie
               hash); // Hashed ticket



                // Get the stored user-data,in this case,our roles

            // Set the cookie's expiration time to the tickets expiration time
            if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

            // Add the cookie to the list for outgoing response
            Response.Cookies.Add(cookie);
            return RedirectToAction("index","Home");

在主页面中我有一个菜单,在该菜单中有一个项目只能由管理员角色看到.

<% if (HttpContext.Current.User.IsInRole("admin")){ %>

            <%=Html.ActionLink("Places","Places","Places")%>
        <%} %>

即使HttpContext.Current.User包含正确的角色,我也看不到该项目：

globalx asax：

protected void Application_AuthenticateRequest(Object sender,EventArgs e)
    {
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.User.Identity.IsAuthenticated)
            {
                if (HttpContext.Current.User.Identity is FormsIdentity)
                {
                    FormsIdentity id =
                        (FormsIdentity)HttpContext.Current.User.Identity;
                    FormsAuthenticationTicket ticket = id.Ticket;

                    // Get the stored user-data,our roles
                    string userData = ticket.UserData;
                    string[] roles = userData.Split(',');
                    HttpContext.Current.User = new GenericPrincipal(id,roles);
                }
            }
        }
    }

解决方法

我知道这听起来很傻但是从你的形象我只能看到你的票证中的userData.

我唯一能想到的是,如果userData没有进入主体. (可能是最后三行glabal.asax.cs的问题)

这里不对劲：

string userData = ticket.UserData;
string[] roles = userData.Split(',');
HttpContext.Current.User = new GenericPrincipal(id,roles);

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!