c# - MVC Not holding on to authentication -


i have 2 apps i'm working on. both of them need use both windows authentication , anonymous access. this, edited web.config rid of authorization tag (with "deny users="?"") , tagged few actions custom authorization attribute. trouble is, server "forgetting" me. instance, on first app, 1 user reports has attempt access control panel every other time wants edit. on second one, click login, i'm logged in, , click other link (especially "save") , i'm logged out.

here's 1 of custom authorization attributes:

public class accountsauthorizeitattribute : authorizeattribute {     protected override bool authorizecore(httpcontextbase httpcontext)     {         if(httpcontext.user.identity.isauthenticated == false)         {             return false;         }          if(httpcontext.user.isinrole("ct-it"))         {             return true;         }          return false;     } }

and log in, have in _layout:

@html.actionlink("login", "login", "login", new { returnurl = httpcontext.current.request.rawurl }, null)

with login controller:

public class logincontroller : controller {     [accountsauthorizeit]     public actionresult login(string returnurl)     {         return redirect(returnurl);     } }

what cause this? shouldn't authentication stored in session variable, saved (roughly) long browser window open? need tell server remember data?

shouldn't authentication stored in session variable, saved (roughly) long browser window open? need tell server remember data?

i store them in principle object claim using owin cookie middleware.

here sample code. rolenames user's assigned active directory group. 

public void signin(user user, ilist<string> rolenames) {     ilist<claim> claims = new list<claim>             {                 new claim(claimtypes.sid, user.id.tostring()),                 new claim(claimtypes.name, user.username),                 new claim(claimtypes.givenname, user.firstname),                 new claim(claimtypes.surname, user.lastname),             };      foreach (string rolename in rolenames)     {         claims.add(new claim(claimtypes.role, rolename));     }      claimsidentity identity = new claimsidentity(claims, authenticationtype);      iowincontext context = _context.request.getowincontext();     iauthenticationmanager authenticationmanager = context.authentication;      authenticationmanager.signin(identity); }

startup.cs

then register owin cookie middleware @ start up.

public class startup {     public void configuration(iappbuilder app)     {         app.usecookieauthentication(new cookieauthenticationoptions         {             authenticationtype = "applicationcookie",             loginpath = new pathstring("/account/login")         });     } }

if store them in principle object, won't need custom attribute accountsauthorizeitattribute.


Comments

Post a Comment

Popular posts from this blog

Command prompt result in label. Python 2.7 -

i want put result(output) of shell command label. command works, label shows "0", however, in command prompt, result shown correctly, need showed in label. doing ubuntu. myg1 = button(root, text="rodyti informacija", command=lambda: gauti()) myg1.pack(side=bottom) def gauti(): imti = tekstas.get("1.0", "end-1c") info = subprocess.call("id '{imti}' ".format(imti=imti), shell=true) w = label(root, text= info) w.pack(side = bottom) subprocess.call() returns exit code of process created (in case 0 success). if want text output of process, should instead call subprocess.check_output() .
Read more

javascript - How do I use URL parameters to change link href on page? -

i change href value of link using url parameters. example: default <a id="dlink" href="link-1">link</a> but, when user goes https://url.com/?dlink=link-2 it swaps out link new link <a id="dlink" href="link-2">link</a> first need value url. if you're not using javascript framework can create function using jquery. please check get url parameter jquery or how query string values in js it. after that, element "a" id , set value there. $("#dlink").attr("href", hreffromparam);
Read more

amazon web services - AWS Route53 Trying To Get Site To Resolve To www -

so have domain nameservers pointed aws route 53. site hosted on ec2 instance , reachable resolves site.com, if input www.site.com. i'm curious how site resolve www.site.com. have under route53 domains hosted zone 2 additional record sets outside of ns , soa: a site.com ec2 elastic ip cname www.site.com ec2 public dns i can reach site using both site.com , www.site.com, resolve site.com. there way make if enter either, resolves www.site.com? at first, both should record set. a site.com ec2 elastic ip www.site.com ec2 elastic ip and need redirect setting in web server (nginx, apache, ..) following. (source: how redirect www non-www nginx on centos 7 ) redirect non-www www if want redirect users plain, non-www domain www domain, add server block: server { server_name example.com; return 301 $scheme://www.example.com$request_uri; } save , exit. configures nginx redirect requests "example.com" "www.example.com". not
Read more