gpt4 book ai didi

asp.net-mvc - 为什么Hangfire需要验证才能查看仪表板

转载 作者:行者123 更新时间:2023-12-04 01:18:45 27 4
gpt4 key购买 nike

我在MVC Web应用程序中运行HangFire,但是每当我尝试导航到http://MyApp/hangfire时,它都会将我重定向到应用程序的登录页面,就像我没有登录一样。

我没有明确配置任何授权要求...例如我在web.config中有以下内容,但随后尝试将其取出以使其正常工作。

<location path="hangfire">
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>




从理论上讲,这就是我想要的,并且当我登录到主Web应用程序时,我将以 Administrator角色登录,因此该规则应该有效。

但是,无论是否在web.config中进行了配置,每当我尝试导航到 http://MyApp/hangfire时,它都会按照web.config中的配置将我重定向到我的应用登录页面:

<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="960" />
</authentication>


仅当发布到主机时,它不会在本地计算机上执行此操作。登录时,HangFire是否无法识别主应用程序提供的身份验证Cookie?我认为总体而言,hangfire应用程序不需要身份验证,那么其他配置可能会认为它需要身份验证?

更新1:

我根据 hangfire docs添加了授权过滤器,但是发生了同样的事情。这是我在Startup.cs中的代码:

using Hangfire;
using Hangfire.Logging;
using Hangfire.Dashboard;
using Hangfire.SqlServer;
using Microsoft.Owin;
using OTIS.Web.AppCode;
using OTISScheduler.AppServ;
using Owin;
using System.Web.Security;

[assembly: OwinStartup(typeof(OTIS.Web.App_Start.Startup))]
namespace OTIS.Web.App_Start
{
public class Startup
{
public void Configuration(IAppBuilder app) {

app.UseHangfire(config => {
config.UseSqlServerStorage("DefaultConnection");
config.UseServer();

//Dashboard authorization
config.UseAuthorizationFilters(new AuthorizationFilter
{
Users = "USERA", // allow only specified users (comma delimited list)
Roles = "Account Administrator, Administrator" // allow only specified roles(comma delimited list)
});


});

LogProvider.SetCurrentLogProvider(new StubLogProviderForHangfire());

GlobalJobFilters.Filters.Add(new AutomaticRetryAttribute { Attempts = 0 });

var scheduleTasksInitializer = new ScheduleTasksInitializer();

scheduleTasksInitializer.ScheduleTasks();
}
}
}


更新2:

对于更多的 detailed instructions showing basic authentication,我也尝试过此操作。。。仍然没有运气..将我重定向到应用程序的登录页面。

config.UseAuthorizationFilters(
new BasicAuthAuthorizationFilter(
new BasicAuthAuthorizationFilterOptions
{
// Require secure connection for dashboard
RequireSsl = false,
SslRedirect = false,

// Case sensitive login checking
LoginCaseSensitive = true,

// Users
Users = new[]
{
new BasicAuthAuthorizationUser
{
Login = "MyLogin",

// Password as plain text
PasswordClear = "MyPwd"
}
}
}));

最佳答案

对于较新的版本,应使用IDashboardAuthorizationFilter。使用using语句,它将如下所示:

using System.Web;
using Hangfire.Annotations;
using Hangfire.Dashboard;

namespace Scheduler.Hangfire
{
public class HangFireAuthorizationFilter : IDashboardAuthorizationFilter
{
public bool Authorize([NotNull] DashboardContext context)
{
//can add some more logic here...
return HttpContext.Current.User.Identity.IsAuthenticated;
}
}
}


然后在配置部分:

app.UseHangfireDashboard("/jobs", new DashboardOptions() 
{
Authorization = new [] {new HangFireAuthorizationFilter()}
});

关于asp.net-mvc - 为什么Hangfire需要验证才能查看仪表板,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29441634/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com