问题
I am trying to lock down our "admin" page to only admins using Asp.net Identity (we are building in MVC5). I can get [Authorize(Users="admin")] to work but can not get [Authorize(Roles="Admin")] to work.
I have created the role in the dbo.AspNetRoles table and then associated the account in the AspNetUserRoles by pairing the user GUID to the ID in the aspnetroles table.
I have seen in previous editions of MVC you have had to get into web.config to add some lines. Can anyone help point me in the right direction?
回答1:
Have you specified in the web.config that you are going to use roles?
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
来源:https://stackoverflow.com/questions/19641387/mvc-5-role-based-authentication