使用C#Asp.Net Core的授权处理程序

时间:2016-11-16 12:44:02

标签: c# asp.net

我尝试使用基于策略的授权 https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies

我有这样的政策

p.AddPolicy("GroupMembership", policy =>
{
    policy.RequireAuthenticatedUser();
    policy.RequireClaim(ClaimTypes.Name);
    policy.AddRequirements(new GroupMemberRequirement(
        ServiceConstants.Admin
    ));
});

虽然我有RequireAuthenticatedUser()要求,但我的处理程序中的用户是匿名的!

工作:

[Authorize("GroupMembership")]
[Route("[controller]")]
public class HomeController : Controller
{
    [HttpGet("About")]
    public async Task<IActionResult> About()
    {
        protected method
    }

确实工作

[Authorize]
[Route("[controller]")]
public class HomeController : Controller
{

    [Authorize("GroupMembership")]
    [HttpGet("About")]
    public async Task<IActionResult> About()
    {
        protected method
    }

0 个答案:

没有答案
相关问题
最新问题