authorize-attribute | 易学教程

Why can't I combine [Authorize] and [OutputCache] attributes when using Azure cache (.NET MVC3 app)?

阅读更多关于 Why can't I combine [Authorize] and [OutputCache] attributes when using Azure cache (.NET MVC3 app)?

Using Windows Azure's Microsoft.Web.DistributedCache.DistributedCacheOutputCacheProvider as the outputCache provider for an MVC3 app. Here is the relevant action method: [ActionName("sample-cached-page")] [OutputCache(Duration = 300, VaryByCustom = "User", Location = OutputCacheLocation.Server)] [Authorize(Users = "me@mydomain.tld,another@otherdomain.tld")] public virtual ActionResult SampleCachedPage() { return View(); } I get the following exception when loading this view from a web browser: System.Configuration.Provider.ProviderException: When using a custom output cache provider like

Dynamically add roles to authorize attribute for controller

阅读更多关于 Dynamically add roles to authorize attribute for controller

问题 I need to enable my admin user to change access permissions for users on the fly, such that they can create new Roles and add permissions to those Roles. I want to be able to create an Authorize attribute to stick above my controller class that I can add roles to from a database, so that I don't have to 'set' the roles during development, as in [Authorize(Roles="Role1, Role2")] etc. So something like [Authorize(Roles = GetListOfRoles()] I found this question - ASP.NET MVC Authorize user with

MVC Core How to force / set global authorization for all actions?

阅读更多关于 MVC Core How to force / set global authorization for all actions?

How to force / set global authorization for all actions in MVC Core ? I know how to register global filters - for example I have: Setup.cs services.AddMvc(options => { options.Filters.Add(new RequireHttpsAttribute()); }); and this works fine, but I can't add the same for Authorize: options.Filters.Add(new AuthorizeAttribute()); I have error: Cannot convert from 'Microsoft.AspNet.Authorization.AuthorizeAttribute()' to 'System.Type' (Method .Add() needs IFilterMetadata type) I know - from similar questions - that this works on MVC4-5... So something must changed on MVC Core... Someone have any

Asp.net MVC4: Authorize on both controller and action

阅读更多关于 Asp.net MVC4: Authorize on both controller and action

If I have the Authorize attribute on both the controller and the action, which one will take the effect? Or will both take effect? Andy Brown You asked: If I have Authorize attribute on both controller and action, which one will take the effect? Both? To answer this simply: Both. The effect is to AND the two restrictions together. I'll explain why below ... Details So, there are a few reasons you could be asking this. You want to know how to enforce an additional constraint on an Action compared to a method. e.g. At controller level, enforce users in the role "user" At an action level,

Why can't I combine [Authorize] and [OutputCache] attributes when using Azure cache (.NET MVC3 app)?

阅读更多关于 Why can't I combine [Authorize] and [OutputCache] attributes when using Azure cache (.NET MVC3 app)?

问题 Using Windows Azure's Microsoft.Web.DistributedCache.DistributedCacheOutputCacheProvider as the outputCache provider for an MVC3 app. Here is the relevant action method: [ActionName("sample-cached-page")] [OutputCache(Duration = 300, VaryByCustom = "User", Location = OutputCacheLocation.Server)] [Authorize(Users = "me@mydomain.tld,another@otherdomain.tld")] public virtual ActionResult SampleCachedPage() { return View(); } I get the following exception when loading this view from a web browser

Asp.net MVC4: Authorize on both controller and action

阅读更多关于 Asp.net MVC4: Authorize on both controller and action

问题 If I have the Authorize attribute on both the controller and the action, which one will take the effect? Or will both take effect? 回答1: You asked: If I have Authorize attribute on both controller and action, which one will take the effect? Both? To answer this simply: Both. The effect is to AND the two restrictions together. I'll explain why below ... Details So, there are a few reasons you could be asking this. You want to know how to enforce an additional constraint on an Action compared to

Handling session timeout in ajax calls

阅读更多关于 Handling session timeout in ajax calls

I'm making an ajax call using jquery to an asp.net mvc controller action: [AcceptVerbs(HttpVerbs.Post)] public ActionResult GetWeek(string startDay) { var daysOfWeek = CompanyUtility.GetWeek(User.Company.Id, startDay); return Json(daysOfWeek); } When session times out, this call will fail, as the User object is stored in session. I created a custom authorize attribute in order to check if session was lost and redirect to the login page. This works fine for page requests, however it doesn't work for ajax requests, as you can't redirect from an ajax request: [AttributeUsage(AttributeTargets

MVC Core How to force / set global authorization for all actions?

阅读更多关于 MVC Core How to force / set global authorization for all actions?

问题 How to force / set global authorization for all actions in MVC Core ? I know how to register global filters - for example I have: Setup.cs services.AddMvc(options => { options.Filters.Add(new RequireHttpsAttribute()); }); and this works fine, but I can\'t add the same for Authorize: options.Filters.Add(new AuthorizeAttribute()); I have error: Cannot convert from \'Microsoft.AspNet.Authorization.AuthorizeAttribute()\' to \'System.Type\' (Method .Add() needs IFilterMetadata type) I know - from