ELMAH爲MVC支持固定ELMAH在ADFS宣稱以下的AppSettings配置使用elmah.mvc.allowedRoles的AppSettings
elmah.mvc.allowedRoles
elmah.mvc.allowedUsers
確保使用角色/用戶ELMAH路由路徑。顯然,它適用於Windows或表單身份驗證。但是我無法讓它爲基於聲明的認證工作。
有沒有人有這方面的經驗?
我這樣做是web配置
<elmah>
<security allowRemoteAccess="true" />
<errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="elmah-sqlserver" applicationName="Eers.Web"/>
</elmah>
進一步回落
<location path="elmah">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="elmah.axd" inheritInChildApplications="false">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
</system.web>
<system.webServer>
<handlers>
<add name="ELMAH" verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" preCondition="integratedMode" />
</handlers>
</system.webServer>
</location>
如果你注意一下它的工作原理就像在MVC任何其他安全節點。但它不適用於索賠。對於您將不得不寫一個Action過濾器
<authorization>
<allow users="*"/>
</authorization>
這裏是我的Actionfilter
public class ElmahRequestAuthorizationFilter : AuthorizeAttribute
{
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.IsChildAction) return;
var controller = filterContext.RouteData.Values["controller"] as string;
if (controller != null && controller.ToLowerInvariant() != "elmah") return;
var authenticationComponent = GetAuthenticationInfo() // A method that will return us roles;
var goodRoles = new List<string> {
"TestRole",
"ThirdLevelSupport",
"Administrator"
};
var roles = authenticationComponent.Roles ?? new List<string>();
var thouShaltPass = roles.Intersect(goodRoles).Any();
if (!thouShaltPass)
{
throw new HttpException(404, "Not Found");
}
}
}
如何註冊您ElmahRequestAuthorizationFilter?過濾器如何被調用?你不能把屬性放在控制器或動作上,因爲Elmah是一個模塊? – GavKilbride
將其添加到App_Start中FilterConfig的其餘過濾器 – Peter