[ patak_daca @ 11.01.2017. 19:23 ] @
Pozdrav!

U aplikaciji koristim OWIN.

Evo i malo koda:

Code:
/// <summary>
/// Builds the fixed claim set this demo issues at sign-in.
/// </summary>
/// <returns>
/// E-mail, IP, id and two name claims, followed by one claim per role and one per group.
/// </returns>
/// <remarks>
/// NOTE(review): roles are issued only under <c>DemoIdentity.RolesClaimType</c>; no
/// <c>ClaimTypes.Role</c> claim is added. A plain <c>ClaimsIdentity</c> resolves role checks
/// through <c>ClaimTypes.Role</c> unless another role claim type is configured; confirm what
/// <c>DemoIdentity</c> sets up before relying on <c>[Authorize(Roles = "...")]</c>.
/// </remarks>
private List<Claim> GetClaims()
        {
            // Every value is a literal: nothing is taken from the login form or a user store.
            var result = new List<Claim>
            {
                new Claim(ClaimTypes.Email, "assilabdulrahim@gmail.com"),
                new Claim(DemoIdentity.IPClaimType, "128.236.333.2"),
                new Claim(DemoIdentity.IdClaimType, "12345"),
                new Claim(ClaimTypes.Name, "Assil"),
                new Claim(ClaimTypes.Name, "Abdulrahim")
            };

            string[] roleNames = { "Admin", "Citizin", "Worker" };
            string[] groupNames = { "Admin", "Citizin", "Worker" };

            // Roles first, then groups, so the claim order stays the same as before.
            for (int i = 0; i < roleNames.Length; i++)
            {
                result.Add(new Claim(DemoIdentity.RolesClaimType, roleNames[i]));
            }
            for (int i = 0; i < groupNames.Length; i++)
            {
                result.Add(new Claim(DemoIdentity.GroupClaimType, groupNames[i]));
            }
            return result;
        }


        private void SignIn(List<Claim> claims)
        {

            var claimsIdentity = new DemoIdentity(claims,
            DefaultAuthenticationTypes.ApplicationCookie);       
         
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
            AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, claimsIdentity);

            HttpContext.User = new DemoPrincipal(AuthenticationManager.AuthenticationResponseGrant.Principal);

        }


Kada na serverskoj strani postavim:

Code:
/// <summary>
/// Renders the About view; the attribute restricts the action to users in the "Admin" role.
/// </summary>
/// <remarks>
/// NOTE(review): the role test is done against the current principal, so the "Admin" value
/// must be carried by a claim of the identity's role claim type (<c>ClaimTypes.Role</c> by
/// default on a <c>ClaimsIdentity</c>) — confirm how the sign-in code issues roles.
/// </remarks>
[Authorize(Roles = "Admin")]
        public ActionResult About() => View();


Dobijam grešku da ne može da pristupi metodi.
Kao da ne vidi rolu.
A kada probam bez role samo [Authorize] sve radi dobro.

Da li ima neko neki savet, molim.

Hvala unapred!

Patak
[ djordjeno @ 12.01.2017. 09:45 ] @
Daj kod gde pozoveš funkciju GetClaims(), odnosno SignIn().



[ patak_daca @ 12.01.2017. 10:14 ] @
Pozdrav!

Evo komplet account controller:

Code:
 public class AccountController : Controller
    {
        [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            if (User.Identity.IsAuthenticated)
                ViewBag.Message = "You Dont have enough Permissions, you need to be with elevated privileges to go there";
            return View();
        }

        //
        // POST: /Account/Login
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Login(LoginViewModel model, string returnUrl)
        {

            if (ModelState.IsValid)
            {
                if (true) //Check the database
                {



                    List<Claim> claims = GetClaims();
                    if (null != claims)
                    {
                        SignIn(claims);

                        return RedirectToLocal(returnUrl);
                    }



                    ModelState.AddModelError("", "Invalid username or password.");

                }
                else
                {
                    //No User of that email address
                    ModelState.AddModelError("", "Invalid username or password.");
                }
            }
            else
            {
                //Model not valid
                ModelState.AddModelError("", "The Model is Not valid");
            }
            // If we got this far, something failed, redisplay form
            return View(model);

        }

        private List<Claim> GetClaims()
        {
            var claims = new List<Claim>();
            claims.Add(new Claim(ClaimTypes.Email, "assilabdulrahim@gmail.com"));
            claims.Add(new Claim(DemoIdentity.IPClaimType, "128.236.333.2"));
            claims.Add(new Claim(DemoIdentity.IdClaimType, "12345"));
            claims.Add(new Claim(ClaimTypes.Name, "Assil"));
            claims.Add(new Claim(ClaimTypes.Name, "Abdulrahim"));

            var roles = new[] { "Admin", "Citizin", "Worker" };
            var groups = new[] { "Admin", "Citizin", "Worker" };

            foreach (var item in roles)
            {
                claims.Add(new Claim(DemoIdentity.RolesClaimType, item));
            }
            foreach (var item in groups)
            {
                claims.Add(new Claim(DemoIdentity.GroupClaimType, item));
            }
            return claims;
        }


        private void SignIn(List<Claim> claims)//Mind!!! This is System.Security.Claims not WIF claims
        {

            var claimsIdentity = new DemoIdentity(claims,
            DefaultAuthenticationTypes.ApplicationCookie);

            //This uses OWIN authentication
         
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
            AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, claimsIdentity);


            HttpContext.User = new DemoPrincipal(AuthenticationManager.AuthenticationResponseGrant.Principal);



        }


        private IAuthenticationManager AuthenticationManager
        {
            get
            {
                return HttpContext.GetOwinContext().Authentication;
            }
        }

        private ActionResult RedirectToLocal(string returnUrl)
        {
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }

        //
        // POST: /Account/LogOff
        //[HttpPost]
        //[ValidateAntiForgeryToken]
        public ActionResult LogOff()
        {
            AuthenticationManager.SignOut();
            return RedirectToAction("Index", "Home", new { area = "" });
        }
    }




a evo i Home controller:

Code:
/// <summary>
/// Home pages of the demo: an action with no authorization attribute and one restricted to
/// the "Admin" role.
/// </summary>
public class HomeController : Controller
    {
        /// <summary>Renders the Index view; no authorization attribute is applied here.</summary>
        public ActionResult Index() => View();

        /// <summary>Renders the About view for users in the "Admin" role.</summary>
        /// <remarks>
        /// NOTE(review): the role test is done against the current principal, so "Admin" must
        /// be carried by a claim of the identity's role claim type (<c>ClaimTypes.Role</c> by
        /// default on a <c>ClaimsIdentity</c>) — confirm how the sign-in code issues roles.
        /// </remarks>
        [Authorize(Roles = "Admin")]
        public ActionResult About() => View();
    }



Hvala unapred!

Patak
[ patak_daca @ 12.01.2017. 18:46 ] @
Pozdrav!

Možda neki savet....

Hvala.

Patak
[ patak_daca @ 13.01.2017. 14:01 ] @
Pozdrav!

Ako nekog muči isti problem...


Code:
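/// <summary>
/// Builds the fixed claim set this demo issues at sign-in, now including a standard
/// <c>ClaimTypes.Role</c> claim for "Admin".
/// </summary>
/// <returns>
/// E-mail, IP, id and two name claims, the "Admin" role claim, then one claim per role and
/// one per group under the DemoIdentity claim types.
/// </returns>
/// <remarks>
/// NOTE(review): the Admin role is a literal and does not depend on who is signing in.
/// Outside a demo, roles must come from the authenticated user's record.
/// </remarks>
private List<Claim> GetClaims()
        {
            var claims = new List<Claim>();
            claims.Add(new Claim(ClaimTypes.Email, "assilabdulrahim@gmail.com"));
            claims.Add(new Claim(DemoIdentity.IPClaimType, "128.236.333.2"));
            claims.Add(new Claim(DemoIdentity.IdClaimType, "12345"));
            claims.Add(new Claim(ClaimTypes.Name, "Assil"));
            claims.Add(new Claim(ClaimTypes.Name, "Abdulrahim"));
            // Added line (the fix): a role claim under the standard ClaimTypes.Role type.
            // Only "Admin" is issued this way; "Citizin" and "Worker" stay under
            // DemoIdentity.RolesClaimType alone.
            claims.Add(new Claim(ClaimTypes.Role, "Admin"));

            var roles = new[] { "Admin", "Citizin", "Worker" };
            var groups = new[] { "Admin", "Citizin", "Worker" };

            foreach (var item in roles)
            {
                claims.Add(new Claim(DemoIdentity.RolesClaimType, item));
            }
            foreach (var item in groups)
            {
                claims.Add(new Claim(DemoIdentity.GroupClaimType, item));
            }
            return claims;
        }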


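Dodao sam ovaj red (boldovan) i radi... Razlog je, izgleda, to što [Authorize(Roles = "Admin")] proverava rolu preko IsInRole, a ClaimsIdentity podrazumevano traži role u claim-ovima tipa ClaimTypes.Role, pa claim-ovi tipa DemoIdentity.RolesClaimType nisu ni uzimani u obzir. Napomena: rola Admin je ovde hard-kodovana za svaki login, što je u redu samo za demo.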