问题描述

我创建了一个 Azure Active Directory 应用程序，并且我想使用基于角色的安全性.我按照以下教程进行操作:

I created an Azure Active Directory Application and i want to use role based security. I followed the tutorial on: https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-webapp-openidconnect-aspnetcore/

The login works, I added roles to the application manifest and assigned the role Approver to my own account. Now i want to use these roles.

After login the following works in the controller:

[Authorize]

But when adding the role the user is not authorized:

[Authorize(Roles="Approver")]

Also the following returns false:

User.IsInRole("Approver");

It seems the roles are not retreived, any suggestions on how to add the role functionality to this demo project?

This code sample works for me after assign roles to account . Please debug application in this line: User.IsInRole("Approver"); , check whether {http://schemas.microsoft.com/ws/2008/06/identity/claims/role: Approver}exists in user claims . And make sure you add roles which allowedMemberTypes is user , for example :

{
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "Approver",
      "id": "fc803414-3c61-4ebc-a5e5-cd1675c14bbb",
      "isEnabled": true,
      "description": "Approvers have the ability to change the status of tasks.",
      "value": "Approver"
    },

And you have assign the user role in Enterprise applications-->All applications--> find your app-->Users and groups--> add/edit a user and assign roles :

这篇关于ASP Core Azure Active Directory 登录使用角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！