我正在尝试学习MVC 5 OWIN登录声明.我尽量保持简单.我从MVC模板开始,插入了我的索赔代码(见下文).当我在View中使用@
Html.AntiForgeryToken()帮助器时,我收到一个错误.
错误:
A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovid er' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication,please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier,it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier. Exception Details: system.invalidOperationException: A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication,please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier,it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier. Source Error: Line 4: using (Html.BeginForm("logoff","Account",FormMethod.Post,new { id = "logoutForm",@class = "navbar-right" })) Line 5: { Line 6: @Html.AntiForgeryToken()
POST登录操作
// POST: /Account/Login [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task<ActionResult> Login(Loginviewmodel model,string returnUrl) { if (!ModelState.IsValid) { return View(model); } var claims = new List<Claim> { new Claim(ClaimTypes.Name,"brock"),new Claim(ClaimTypes.Email,"brockallen@gmail.com") }; var id = new ClaimsIdentity(claims,DefaultAuthenticationTypes.ApplicationCookie); var ctx = Request.GetowinContext(); var authenticationManager = ctx.Authentication; authenticationManager.SignIn(id); return RedirectToAction("Welcome"); }
_LoginPartial.cshtml
@using Microsoft.AspNet.Identity
@if (Request.IsAuthenticated)
{
using (Html.BeginForm("logoff",new { id = "logoutForm",@class = "navbar-right" }))
{
@Html.AntiForgeryToken()
<ul class="nav navbar-nav navbar-right">
<li>
@Html.ActionLink("Hello " + User.Identity.GetUserName() + "!","Index","Manage",routeValues: null,htmlAttributes: new { title = "Manage" })
</li>
<li><a href="javascript:document.getElementById('logoutForm').submit()">Log off</a></li>
</ul>
}
}
我已经尝试设置ClaimTypes.NameIdentifier(like in this SO answer)
protected void Application_Start()
{
AreaRegistration.RegisterallAreas();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
}
然后我“只”?得到这个错误
A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' was not present on the provided ClaimsIdentity.
我想保留antiorgeryToken,因为它可以帮助跨站点脚本.
解决方法
您的声明身份没有ClaimTypes.NameIdentifier,您应该在声明数组中添加更多内容:
var claims = new List<Claim> { new Claim(ClaimTypes.Name,"username"),"user@gmail.com"),new Claim(ClaimTypes.NameIdentifier,"userId"),//should be userid };
要将信息映射到索赔以获得更多的纠正:
ClaimTypes.Name => map to username ClaimTypes.NameIdentifier => map to user_id
