Authorization not working in ASP.NET MVC 5
Disclaimer: this is my first time with ASP.NET MVC 5
I have no idea why it doesn't work. I can't get my MVC5 app to authorize users. I have done this in previous versions (2, 3 and 4) but I can't seem to make it work in OWIN.
I'm using local IIS with the needed features enabled:
EDIT :
I'm using SSL on IIS and RequireHttps at C#
This is the code:
protected void Application_Start()
{
GlobalFilters.Filters.Add(new AuthorizeAttribute());
}
Startup.Auth.cs
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/admin/account/login")
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();
Even though I'm using Global Authorize I tried to "force" it to see if this was the problem:
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View();
}
}
No luck... I'm not sure it was necessary with OWIN, but I even tried enabling forms authentication:
<authentication mode="Forms" />
EDIT [2]
Well, I found out the problem... IIS! Finally! Now, would anyone know how to fix that? Do I need anything special to run OWIN on IIS? I can work now, but soon I'll have to deploy the app and will probably run into the same problem in the server...
I've already read these:
How do you login/authenticate a user with Asp.Net MVC5 RTM bits using AspNet.Identity?
Authorize attribute not working MVC 5
Any ideas?
由于您的应用程序使用IIS运行,因此请尝试将Microsoft.Owin.Host.SystemWeb
nuget包添加到您的应用程序中。
Try this article, it was helpful for me OWIN setup. I'm not sure if you used claims as you didn't show it in your question, that is critical to create authentication ticket to authenticate
Also, as you are using SSL, pay attention to CookieSecure property if still does not work CookieSecureOption
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/admin/account/login")
CookieSecure = CookieSecureOption.Never
});
I hope it will help
链接地址: http://www.djcxy.com/p/83642.html