Authorization using active directory role provider MVC4

笑着哭i 提交于 2019-12-18 12:17:32

问题


I'm building a MVC4 application for internal use in a corporate enviroment. I use windows authentication, which works fine, but I'm having troubles using Active Directory groups as roles for authorization.

My Web.config looks like this:

<authentication mode="Windows" />        
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
  <providers>
    <clear />
    <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
  </providers>
</roleManager>        
<authorization>
  <deny users="?" />    
</authorization>

When I use User authorization it works fine:

[Authorize(Users = @"DOMAIN\User1, DOMAIN\User2")]
public ActionResult Create()
{
    return View();
}

But when I use roles, it just don't let users in that group to access this action:

[Authorize(Roles = @"Domain\Group")]
public ActionResult Create()
{
    return View();
}

I also tried specifying the group without the domain as I read in other replies, but no luck... I guess I'm missing something in the Web.config, but I'm not sure what...

I was avoiding to use a custom role provider because MVC4 is supposed to achieve this without a custom role provider (or at least that's what I thought)

Can anyone help me with this?

Thanks in advance!


回答1:


I found which was the problem. After reading some info about the machine.config here I checked that I had the correct configuration applied already.

Fianlly I got it working just like this:

[Authorize(Roles = "Domain\\Group")]
public ActionResult Create()
{
    return View();
}

The problem was the way I typed the groups.

I hope this can help other people.



来源:https://stackoverflow.com/questions/20707758/authorization-using-active-directory-role-provider-mvc4

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!