我有一个简单的 ASP.Net Core 2.0 Web 应用程序,并且通过启用 Windows 身份验证和禁用匿名身份验证在项目属性中启用了 Windows 身份验证。
对于 AD 安全组在应用程序/站点级别过滤的授权,我在 Startup.cs 中有以下代码:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication(IISDefaults.AuthenticationScheme);
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.RequireRole("Application - Administrator")
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseAuthentication();
//app.UseStatusCodePagesWithRedirects("/Home/Error/{0}");
//app.UseStatusCodePagesWithReExecute("/Home/Error", "?statusCode={0}");
app.UseStatusCodePagesWithReExecute("/Home/Error/{0}");
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
为了在未经授权的用户尝试访问应用程序时处理 Http 403 状态代码,它将被重定向到自定义错误页面。所以我在 Startup.cs 中的 Configure 方法中尝试了以下 3 种方法:
app.UseStatusCodePagesWithRedirects("/Home/Error/{0}");
app.UseStatusCodePagesWithReExecute("/Home/Error", "?statusCode={0}");
app.UseStatusCodePagesWithReExecute("/Home/Error/{0}");
在 HomeController 中,我尝试了默认的 Error 方法
public IActionResult Error()
{
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
并定制一个来处理特定的状态代码:
public IActionResult Error(string errCode)
{
if (errCode == "500" || errCode == "404" || errCode == "403")
{
return View($"~/Views/Error/{errCode}.cshtml");
}
return View("~/Views/Shared/Error.cshtml");
}
我在/Views/Error/文件夹下有一个简单的错误页面 403.cshtml。
但它们都不起作用,都显示这个页面:
我想知道我是否错过或忘记实现以显示格式化的错误页面?
提前致谢。
最佳答案
我不是 100% 确定,但应该有 2 种不同的 Windows 身份验证:
Windows Authentication
并禁用 Anonymous Users
[Authorize]
和 [AllowAnonymous]
无效,因为未经身份验证的请求永远不会到达您的应用程序 public class Startup
{
public IConfiguration Configuration { get; }
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/home/error");
}
app.UseStaticFiles();
app.UseMvcWithDefaultRoutes();
}
}
Windows Authentication
和 Anonymous Users
[Authorize]
需要在 Startup.cs
上进行额外设置public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(IISDefaults.AuthenticationScheme);
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireRole("Application - Administrator")
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
...
app.UseStatusCodePagesWithReExecute("/error", "?code={0}");
app.UseAuthentication();
app.UseMvcWithDefaultRoutes();
}
[AllowAnonymous]
在错误 Controller 上覆盖 [Authorize]
允许匿名请求的全局过滤器。[AllowAnonymous]
public class ErrorController : Controller
{
public IActionResult Index(int? code)
{
...
}
}
关于asp.net-core - .Net Core 2.x 重定向到错误页面,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50336492/