Asp.net mvc 在IAuthenticationFilter的HttpUnauthorizedResult之后检索Windows标识
我有一个Asp.net mvc 在IAuthenticationFilter的HttpUnauthorizedResult之后检索Windows标识,asp.net-mvc,asp.net-mvc-5,windows-authentication,Asp.net Mvc,Asp.net Mvc 5,Windows Authentication,我有一个iaAuthenticationFilter将检查SharePoint中的用户组: public class BasicAuthFilter : ActionFilterAttribute, IAuthenticationFilter { public void OnAuthentication(AuthenticationContext filterContext) { string userLoginName = fil
iaAuthenticationFilter
将检查SharePoint中的用户组:
public class BasicAuthFilter : ActionFilterAttribute, IAuthenticationFilter
{
public void OnAuthentication(AuthenticationContext filterContext)
{
string userLoginName = filterContext.RequestContext.HttpContext.User.Identity.Name;
if (SecurityManager.Auth(userLoginName))
return;
else
filterContext.Result = new RedirectResult(new UrlHelper(filterContext.RequestContext).Action("AccessDenied", "Error"));
}
...
}
}
除了ErrorController
[AllowAnonymous]
public class ErrorController : Controller
...
// Display view and link for "Logout"
public ActionResult AccessDenied()
{
return View();
}
// GET: Logout
[OutputCache(VaryByParam = "*", Duration = 0, NoStore = true)] // disable caching
public ActionResult Logout()
{
string currentUser = User.Identity.Name;
int AuthenticationAttempts = 0;
if (Session["AuthenticationAttempts"] == null || !int.TryParse(Convert.ToString(Session["AuthenticationAttempts"]), out AuthenticationAttempts))
AuthenticationAttempts = 0;
AuthenticationAttempts += 1;
if (AuthenticationAttempts == 1)
{
Session["PrevUser"] = User.Identity.Name;
Session["AuthenticationAttempts"] = AuthenticationAttempts;
return new HttpUnauthorizedResult();
}
else if (string.Compare(Convert.ToString(Session["PrevUser"]), currentUser, true) == 0) // Somehow it will have echo back, ignore it
{
return new HttpUnauthorizedResult();
}
else
{
Session.Abandon();
Session.Clear();
return RedirectToAction("Index", "Home");
}
}
}
当错误控制器返回HttpUnauthorizedResult
时,浏览器将提示登录。我可以从ErrorController
中的user.Identity.name
获取新用户名
然而,当它重定向到HomeController
时,用户被重置为原始用户,我尝试了以下操作,但仍然是相同的
filterContext.RequestContext.HttpContext.User.Identity.Name
filterContext.HttpContext.User.Identity.Name
filterContext.Principal.Identity.Name
我是否遗漏了什么,或者我应该在用户输入后分配主体?对于遇到相同问题的任何人,请确保您已使用IIS对其进行了测试
此方法可以工作,但无法在IISExpress中工作