asp.net Authorization: location and IPrincipal.IsInRole

Scenario

I'm using a Custom IPrincipal and IIdentity to do asp.net authorization. I set the Principal and Identity during the PostAuthenticateRequest event using an IHttpModule .

The web.config looks approximately like the following:

<system.web>
  <authorization>
    <allow verbs="GET,POST" roles="domaingroup"/>
    <deny verbs="*" users="*"/>
  </authorization>
</system.web>
<location path="~/admin/user_search.aspx">
  <system.web>
    <authorization>
      <allow verbs="GET,POST" roles="admin"/>
      <deny verbs="*" users="*"/>
    </authorization>
  </system.web>
</location>

The Problem

When making a request the IPrincipal.IsInRole method gets called once to check domaingroup but doesn't get called again to check the admin role. What is causing this? Do I have the location syntax incorrect or is there a deeper issue?

Notes

I thought initially that the web.config in the admin directory was overriding the web.config in the root directory, but I've tried removing it altogether as well as using it for the location element. Neither have worked so far.


Don't use the tilde (~) at the start of paths for <location> elements, as they are not interpreted there. In your example, path="admin/user_search.aspx" should be correct.

链接地址: http://www.djcxy.com/p/90150.html

上一篇: 在ASP.NET 4中授权

下一篇: asp.net授权:位置和IPrincipal.IsInRole