问题描述
|
如何将控制器类锁定为只能由一个或多个角色访问?我在第二个示例中尝试使用“ 0”,但它似乎强制要求授权,而不是授予对该页面的访问权限。
[PrincipalPermission(SercurityAction.?????????)]
public class MySecuredController { ...
[Authorize(Roles=\"MyRoleName\")
public class MySecuredController { ...
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.IO;
using System.Security.Permissions;
namespace mvc3test.Controllers
{
[Authorize(Roles=\"taxpayer\")]
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Message = \"Welcome to ASP.NET MVC!\";
return View();
}
public ActionResult About()
{
return View();
}
[HttpPost]
public ActionResult Index(HttpPostedFileBase dr405)
{
var saveLocation = Path.Combine(Server.MapPath(\"\\\\\"),\"returns\");
System.IO.Directory.CreateDirectory(saveLocation);
dr405.SaveAs(Path.Combine(saveLocation,User.Identity.Name) + \".xlsx\");
ViewBag.Message = String.Format(\"File name: {0},{1}Kb Uploaded Successfully.\",dr405.FileName,(int)dr405.ContentLength / 1024);
return View();
}
}
}
LogOn
Redirect
User.IsInRole(\"taxpayer\")
User.Identity.Name
User.IsInRole(\"taxpayer\")
USE [aspnetdb]
GO
DECLARE @return_value int
EXEC @return_value = [dbo].[aspnet_UsersInRoles_GetUsersInRoles]
@ApplicationName = N\'/\',@RoleName = N\'taxpayer\'
SELECT \'Return Value\' = @return_value
GO
解决方法
如果访问页面的用户未经过身份验证或不是给定角色的成员(您的第二个选项是我使用的角色),则他们将被重定向到身份验证页面。这是一个过滤器,而不是授予。
,第二种方法
[Authorize(Roles=\"myrolename\")]
依赖报错 idea导入项目后依赖报错,解决方案:https://blog....
错误1:gradle项目控制台输出为乱码 # 解决方案:https://bl...