我Asp.net在ASP.NET核心项目中使用了www.example.com Identity 3(仅针对net451编译)。这里有一个问题,当我用[Authorize]标签调用WebAPI时,系统总是返回登录URL而不是401,用于未经授权的调用。我想知道如何让它返回401?
gdrx4gfi1#
在startup.cs中services.AddIdentity<ApplicationUser, IdentityRole>()更改以下代码将处理此问题。
services.AddIdentity<ApplicationUser, IdentityRole>()
services.AddIdentity<ApplicationUser, IdentityRole>(options => { options.Cookies.ApplicationCookie.Events = new CookieAuthenticationEvents { OnRedirectToAccessDenied = context => { context.Response.StatusCode = 403; return Task.FromResult(0); }, OnRedirectToLogin = context => { context.Response.StatusCode = 401; return Task.FromResult(0); } }; options.Cookies.ApplicationCookie.AutomaticAuthenticate = true; })
r9f1avp52#
Maxisam的回答很有帮助,但事情又发生了变化。IdentityOptions上不再有Cookies属性。然而,这起作用:
IdentityOptions
Cookies
services.ConfigureApplicationCookie(options => { options.Events = new CookieAuthenticationEvents { OnRedirectToAccessDenied = context => { context.Response.StatusCode = 403; return Task.FromResult(0); }, OnRedirectToLogin = context => { context.Response.StatusCode = 401; return Task.FromResult(0); } }; });
rjee0c153#
您被重定向,因为默认情况下ApplicationCookie将AutomaticChallenge设置为true。要防止重定向,请用途:
ApplicationCookie
AutomaticChallenge
true
options.Cookies.ApplicationCookie.AutomaticChallenge = false;
3条答案
按热度按时间gdrx4gfi1#
在startup.cs中
services.AddIdentity<ApplicationUser, IdentityRole>()
更改以下代码将处理此问题。
r9f1avp52#
Maxisam的回答很有帮助,但事情又发生了变化。
IdentityOptions
上不再有Cookies
属性。然而,这起作用:rjee0c153#
您被重定向,因为默认情况下
ApplicationCookie
将AutomaticChallenge
设置为true
。要防止重定向,请用途: