Asp.net mvc 4 homecontroller中的MVC[授权]不适用于所有用户
因此,我使用LDAP对我的用户进行身份验证,这对我的大多数用户都很好,但对其中一些用户却不行。我知道,事实上,我有两个用户,它是不工作的。该代码提取有关此人的所有信息,创建一个formsAuthenticationticket,但当它到达[授权]时,它只是将其返回到登录页面。问题是为什么 登录控制器:Asp.net mvc 4 homecontroller中的MVC[授权]不适用于所有用户,asp.net-mvc-4,ldap,authorize-attribute,Asp.net Mvc 4,Ldap,Authorize Attribute,因此,我使用LDAP对我的用户进行身份验证,这对我的大多数用户都很好,但对其中一些用户却不行。我知道,事实上,我有两个用户,它是不工作的。该代码提取有关此人的所有信息,创建一个formsAuthenticationticket,但当它到达[授权]时,它只是将其返回到登录页面。问题是为什么 登录控制器: [AllowAnonymous] [HttpPost] [ValidateAntiForgeryToken] public ActionResult Login(Lo
[AllowAnonymous]
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
string logon_user = model.UserName.ToString();
string logon_password = model.Password.ToString();
ConnHelper connhelper = new ConnHelper();
string encryptedTicket = null;
String adPath = "#####"; //Path to the 2003 LDAP directory server
ADAuthorize adAuth = new ADAuthorize(adPath);
FormsAuthenticationTicket authTicket = null;
try
{
if (true == adAuth.IsAuthenticated("#####", logon_user, logon_password))
{
string groups = adAuth.GetGroups();
Account acc = new Account();
acc.windows_id = logon_user;
acc.password = logon_password;
acc.gers_id = connhelper.GetGersID(acc.windows_id);
acc.region = connhelper.IsNull(connhelper.GetRegionManager(acc.gers_id));
acc.home_store_region = connhelper.IsNull(connhelper.GetHomeStoreRegion(acc.gers_id));
acc.store_group = connhelper.IsNull(connhelper.GetStoreGroup(acc.gers_id));
acc.home_store = connhelper.IsNull(connhelper.GetStore(acc.gers_id));
acc.arr = connhelper.GetStores(acc.gers_id);
//acc.home_store_phone = misc.IsNull(misc.GetHomeStorePhoneNumber("hzs"), "");
acc.home_store_phone = connhelper.IsNull(connhelper.GetHomeStorePhoneNumber(acc.gers_id), "");
acc.full_name = connhelper.IsNull(connhelper.GetFullName(acc.gers_id), "");
// Onlt use the following in the core
// acc.full_name = adAuth.getuserFname("#####", logon_user, logon_password);
misc.GetStore(acc.gers_id);
//Add information to the session
Session.Add("roles", groups);
Session.Add("Account", acc);
// Create the authentication ticket
authTicket =
new FormsAuthenticationTicket(1, // version
acc.windows_id,
DateTime.Now,
DateTime.Now.AddMinutes(500),
false, groups);
// Now encrypt the ticket.
encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the cookie as data.
HttpCookie authCookie =
new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
if (FormsAuthentication.GetRedirectUrl(acc.windows_id, false).EndsWith("Logout.aspx"))
{
return RedirectToAction("Login", "Account");
}
//
// Validate code this does the redirect to where you want the logged in person to go to.
//
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "Authentication failed, check username and password.");
return View(model);
}
}
catch (Exception ex)
{
ModelState.AddModelError("", "Error authenticating. " + ex.Message + ex.StackTrace);
return View(model);
}
// return View(model);
}
Adauth经过身份验证(即使是被弹跳的人也会返回true)
然后是主索引控制器
[HttpGet]
[Authorize]
public ActionResult Index()
{
//grab all events and pass to view
//
int count = D.getEventRows();
if (count != 0)
{
Event[] events = new Event[count];
events = D.getEvents(count);
ViewBag.host = globals.hosts();
ViewBag.events = events;
DateTime curr = DateTime.Now;
ViewBag.curr = curr;
return View(events);
}
return View();
}
web配置:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="28800" />
</authentication>
<authorization>
<allow users="*" />
</authorization>
我似乎没有想到会话cookie会有大小限制。无法登录的成员有很长的组字符串。谢谢…我刚刚遇到了相同的问题,您的评论为我指出了正确的方向。我似乎没有想到会话cookie会有大小限制。无法登录的成员有很长的组字符串。谢谢…我也遇到了同样的问题,您的评论为我指明了正确的方向
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="28800" />
</authentication>
<authorization>
<allow users="*" />
</authorization>