問題:只要普通用戶嘗試訪問只能由管理員訪問的頁面,用戶總是被重定向到登錄而不是訪問被拒絕的頁面。Asp Net核心授權
問題:每當用戶訪問受限制的頁面時,普通用戶如何看到拒絕訪問頁面?
控制器:
[Authorize(Roles = "Administrator")]
public class AdminOnlyController: Controller{
}
Startup.cs
app.UseIdentity();
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
AuthenticationScheme = "FirstCookieAuthentication",
AutomaticAuthenticate = true,
AutomaticChallenge = true,
AccessDeniedPath = new PathString("/Forbidden/"),
LoginPath = new PathString("/Conotroller/Login"),
});
請參閱更新 –