如何解决mvc中授权失败的windows安全窗口提示
Posted
技术标签:
【中文标题】如何解决mvc中授权失败的windows安全窗口提示【英文标题】:How to solve windows security window prompt for Authorization failed in mvc 【发布时间】:2017-11-30 11:12:17 【问题描述】:我的问题:
当用户没有经理角色和管理员角色时,我必须重定向到错误页面/一些弹出消息。但是当我检查是否连续授权“假”时,windows安全密码窗口会显示出来。当我再次输入用户名和密码时,它会显示 Windows 安全密码。
我必须检查的每个操作方法,并且我需要显示消息或错误页面。如何解决这个问题?
控制器代码:
[AuthorizeUser("Manager","Admin")]
public ActionResult Contact()
return View();
C# 代码:
public AuthorizeUserAttribute(params int[] roles)
allowedroles = roles;
protected override bool AuthorizeCore(HttpContextBase httpContext)
bool authorize = false;
var getList = _objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
foreach (var role in allowedroles)
if (getList.Exists(m => m.RoleId == role))
return authorize = true; /* return true if Entity has current user(active) with specific role */
return authorize;
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
filterContext.Result = new HttpUnauthorizedResult();
【问题讨论】:
【参考方案1】:/// 试试这个:
///Create an action :
public ActionResult Unauthorized()
return View();
//// now write below code for authorization
protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
if (filterContext.HttpContext.Request.IsAuthenticated)
//redirect to the Unauthenticated page
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new controller = "Error", action = "Unauthorized"
));
else
base.HandleUnauthorizedRequest(filterContext);
protected override bool AuthorizeCore(HttpContextBase httpContext)
var authorized = base.AuthorizeCore(httpContext);
if (!authorized)
// The user is not authenticated
return false;
else
var getList =
_objService.GetUserRoleDetail(CommonStaticHelper.getLoggedUser());
foreach (var role in allowedroles)
if (getList.Exists(m => m.RoleId == role))
return authorize = true; /* return true if Entity has current
user(active) with specific role */
return authorize = false;
【讨论】:
【参考方案2】:创建您自己的过滤器,例如
public class AuthorityAttribute : AuthorizeAttribute
private readonly string[] allowedroles;
public AuthorityAttribute(params string[] roles)
this.allowedroles = roles;
protected override bool AuthorizeCore(HttpContextBase httpContext)
foreach (var role in allowedroles)
if (PortalWebSessionManager.ActivePortalSettings.ActiveRoles != null)
foreach (IDynamics.IDynamicsPortal.DataComponent.Roles currentRole in PortalWebSessionManager.ActivePortalSettings.ActiveRoles)
if (currentRole.RoleName == role)
return true;
return false;
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
filterContext.Result = new HttpUnauthorizedResult();
并调用该过滤器
【讨论】:
以上是关于如何解决mvc中授权失败的windows安全窗口提示的主要内容,如果未能解决你的问题,请参考以下文章
电脑出现Windows通讯窗口初始化失败怎么解决?系统Windows10