authorize

问题 Using the weather here api with product of forecast_astronomy and now all of sudden getting a 403 forbidden error on the request of "These credentials do not authorize access". The url request has not changed in the code and I have verified in the developer portal that the app id is enabled still. This was working fine when last tried two days ago. Tried directly in curl and postman and getting same 403 forbidden error: { "error": "Forbidden", "error_description": "These credentials do not

问题 Can any one explain me the working of Auth->authorize = "actions" In my project i am planning tp give this. As this taught me the authorize will call the $this->Aro->check($user,"controllers/:controller/:action") This will check the against the user right?? that means the user should be there in aros table. But i don't need this to check against user but i need to check against a group How can i achive this. now when the users is not in Aro table it showing the So that The Aro's will be only

问题 I'm working on creating a role system in ASP.net. Now it works fine because I can associate roles to users As you can see here. Now my question is what should I do to get role- based access working. Because one somehow this does not work. It sends me as a super admin back to the login page [Authorize(Roles = "Superadmin")] public ActionResult Upload() { return View(); } Web.config <?xml version="1.0" encoding="utf-8"?> <!-- For more information on how to configure your ASP.NET application,

问题 I would like to understand briefly how the authorize filter and FormAuthentication.SetAuthCookie work under the hood. It's the only thing I find ambiguous after reading some books on the language. I don't understand how the authorize filter knows where to look. And what about FormsAuthenticationTicket VS FormAuthentication ? And is cookie the most secure way, I mean I'm sure it's possible to export the cookie from a browser and use it somewhere else..? 回答1: You might find this question

问题 I would like to use [Authorize(Roles="Admin")] tags on my controller methods. If a user is not an admin I would like to return this user to my login screen. The default behaviour of returning the user to my login page is reroute my user to "Account/Login" using a Get url. The problem is, my website's subpages are all partial views refreshed by Ajax calls, including my login screen. So my question is: Is it possible to alter the class below to return a post redirect instead of a get redirect?

问题 I downloaded the Facebook C# SDK 4.1.1, and incorporated it on a small ASP.NET 3.5SP1 web project. When I run the application from VS Studio 2008, it allowed me to install my Facebook application. When I log onto facebook, I can see that my app installed, as I see it on my home page left nav. When I click on the app, it displays the default.aspx page on my facebook app iframe. Looks like it worked, right? No it doesn't because when I debug the page on localhost, I see that the Authorize() on

问题 I'm confused on ASP.NET MVC caching and authorization and in dire need of some clarification. My self-made authorization attribute inherits from AuthorizeAttribute . Its overridden AuthorizeCore method runs every time, even if I set an [OutputCache] attribute on a controller action. I understand that part. Now the mind bender for me: AuthorizeCore will fail every time now when I actually do output caching and the page is served from the cache. The reason is that when the request is cached,

问题 I'm confused on ASP.NET MVC caching and authorization and in dire need of some clarification. My self-made authorization attribute inherits from AuthorizeAttribute . Its overridden AuthorizeCore method runs every time, even if I set an [OutputCache] attribute on a controller action. I understand that part. Now the mind bender for me: AuthorizeCore will fail every time now when I actually do output caching and the page is served from the cache. The reason is that when the request is cached,

问题 i have some services on ServiceStack and use SignalR in this project. And now, i would like to secure hub connection (access only for authenticated users), but i use ServiceStack framework authentication.. (not asp.net authentication) and ServiceStack's sessions (write AuthUserId ih this session and authentication flag). So, when user trying connect to the hub -- hub must to check authentication... (yes, i can request Cookies from Hub (method OnConnected, for example), but SignalR check

问题 I am trying to automate the Token Generation (Authorization code followed by Access/JWT Token) process which is then will be used to hit the APIc's/API's. NOTE : I have used dumy domains/scope/redirect URI/parameters below for security reasons. How to Generate the Tokens Manually : I was provided with the below URL to generate the Authorization code Code Generation URL : https://sample.domain.com/affwebservices/public/saml2sso?SPID=testqaapi2p3&RelayState=response_type%3Dcode%26client_id