我有一个项目使用ASP.Net MVC3和角色的成员资格。我在每个控制器中使用授权。例如:
[Authorize(Roles = "Administrator")]
public ActionResult Index(string q, int i)
{
return View(model);
}
如果某人不具有管理员角色,那么默认情况下它将重定向到登录页面。如何改变它,所以它会重定向到Views / Shared / UnAuthorize.cshtml?或者如果某人不具有管理员角色,它会显示消息框(警告)?
发布于 2018-03-15 10:22:57
只需更改web.config中必须显示的页面(检查路由是否存在)
<authentication mode="Forms">
<forms loginUrl="~/UnAuthorize" timeout="2880" />
</authentication>
如果你想为每个角色重定向到一个特定的路径,你可以用你自己的扩展AuthorizeAttribute。就像这样
public class CheckAuthorize : ActionFilterAttribute
{
public Roles[] Roles { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//Your code to get the user
var user = ((ControllerBase)filterContext.Controller).GetUser();
if (user != null)
{
foreach (Role role in Roles)
{
if (role == user.Role)
return;
}
}
RouteValueDictionary redirectTargetDictionary = new RouteValueDictionary();
if user.Role==Role.Administrator
{
redirectTargetDictionary.Add("action", "Unauthorized");
redirectTargetDictionary.Add("controller", "Home");
}
else
{
redirectTargetDictionary.Add("action", "Logon");
redirectTargetDictionary.Add("controller", "Home");
}
filterContext.Result = new RedirectToRouteResult(redirectTargetDictionary);
}
}
发布于 2018-03-15 10:38:55
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
public class MyAuthorize : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
//you can change to any controller or html page.
filterContext.Result = new RedirectResult("/cpanel/roles/unauthorize");
}
}
并将MyAuthorize应用于集体或诉讼:
[MyAuthorize]
public class AdminController :Controller
{
}
就这样。
https://stackoverflow.com/questions/-100003622
复制相似问题