个人中心
gpt4 book ai didi

c# - Blazor AD 身份验证安全句柄已关闭

转载 作者:行者123 更新时间:2023-12-04 17:35:49 25 4
gpt4 key购买 nike

我正在尝试使用 Blazor(服务器端和 .net core 3.0 preview-6)进行 AD 身份验证。

当我添加 @attribute [Authorize(Roles = "DomainUsers")] 时,出现以下错误。

如果我更改为 Policy,我会得到同样的错误。但是,如果我只使用 [Authorize],我不会收到错误消息。

当我单击菜单中的链接时会发生这种情况。如果我在浏览器中写入直接路径,我会按预期工作。

public Startup(IConfiguration config)
    {
        Configuration = config;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc().AddNewtonsoftJson();
        services.AddRazorPages();
        services.AddServerSideBlazor();
        services.AddHttpContextAccessor();
        services.AddAuthentication();
        services.AddAuthorization();

        services.AddHttpClient();

        var appDB = Configuration.GetConnectionString("AppDB");
        services.Configure<CtApiSettings>(Configuration.GetSection("CtApiSettings"));

        services.AddDbContext<ApplicationContext>(o => o.UseSqlServer(appDB, builder =>
        {
            builder.EnableRetryOnFailure(5, TimeSpan.FromSeconds(10), null);
        }));


        services.AddToaster(config =>
        {
            config.PositionClass = Defaults.Classes.Position.TopFullWidth;
            config.PreventDuplicates = false;
            config.NewestOnTop = false;
            config.ShowTransitionDuration = 500;
            config.VisibleStateDuration = 5000;
            config.HideTransitionDuration = 500;
        });

        // Setup HttpClient for server side in a client side compatible fashion
        services.AddScoped<HttpClient>(s =>
        {
            // Creating the URI helper needs to wait until the JS Runtime is initialized, so defer it.
            var uriHelper = s.GetRequiredService<IUriHelper>();
            return new HttpClient
            {
                BaseAddress = new Uri(uriHelper.GetBaseUri())
            };
        });

        ActiveDirectoryModel adm = new ActiveDirectoryModel();
        Configuration.GetSection("AD").Bind(adm);
        services.Configure<ActiveDirectoryModel>(Configuration.GetSection("AD"));

        services.AddScoped<ExcelExportService>();
        services.AddScoped<IAreaService, AreaService>();
        services.AddScoped<IUserProvider>(x => new UserProvider(adm));
        services.AddScoped<IAdminService, AdminService>();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();

        app.UseRouting();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            //endpoints.MapRazorPages();
            //endpoints.MapControllers();
            endpoints.MapBlazorHub();
            endpoints.MapFallbackToPage("/_Host");
        });
    }

Error: System.ObjectDisposedException: Safe handle has been closed. Object name: 'SafeHandle'. at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success) at System.StubHelpers.StubHelpers.SafeHandleAddRef(SafeHandle pHandle, Boolean& success) at Interop.Advapi32.GetTokenInformation(SafeAccessTokenHandle TokenHandle, UInt32 TokenInformationClass, SafeLocalAllocHandle TokenInformation, UInt32 TokenInformationLength, UInt32& ReturnLength) at System.Security.Principal.WindowsIdentity.GetTokenInformation(SafeAccessTokenHandle tokenHandle, TokenInformationClass tokenInformationClass, Boolean nullOnInvalidParam) at System.Security.Principal.WindowsIdentity.get_User() at System.Security.Principal.WindowsIdentity.b__51_0() at System.Security.Principal.WindowsIdentity.<>c__DisplayClass67_0.b__0(Object ) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) --- End of stack trace from previous location where exception was thrown --- at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Security.Principal.WindowsIdentity.RunImpersonatedInternal(SafeAccessTokenHandle token, Action action) at System.Security.Principal.WindowsIdentity.RunImpersonated(SafeAccessTokenHandle safeAccessTokenHandle, Action action) at System.Security.Principal.WindowsIdentity.GetName() at System.Security.Principal.WindowsIdentity.get_Name() at System.Security.Principal.WindowsIdentity.InitializeClaims() at System.Security.Principal.WindowsIdentity.get_Claims()+MoveNext()
at System.Security.Claims.ClaimsIdentity.HasClaim(String type, String value) at System.Security.Claims.ClaimsPrincipal.IsInRole(String role) at System.Security.Principal.WindowsPrincipal.IsInRole(String role) at Microsoft.AspNetCore.Authorization.Infrastructure.RolesAuthorizationRequirement.<>c__DisplayClass4_0.b__0(String r) at System.Linq.Enumerable.Any[TSource](IEnumerable1 source,
Func2 predicate) at Microsoft.AspNetCore.Authorization.Infrastructure.RolesAuthorizationRequirement.HandleRequirementAsync(AuthorizationHandlerContext context, RolesAuthorizationRequirement requirement) at Microsoft.AspNetCore.Authorization.AuthorizationHandler1.HandleAsync(AuthorizationHandlerContext
context) at
Microsoft.AspNetCore.Authorization.Infrastructure.PassThroughAuthorizationHandler.HandleAsync(AuthorizationHandlerContext
context) at
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService.AuthorizeAsync(ClaimsPrincipal
user, Object resource, IEnumerable1 requirements) at Microsoft.AspNetCore.Components.AuthorizeViewCore.IsAuthorizedAsync(ClaimsPrincipal user) at Microsoft.AspNetCore.Components.AuthorizeViewCore.OnParametersSetAsync() at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task) at Microsoft.AspNetCore.Components.ComponentBase.RunInitAndSetParametersAsync()

最佳答案

根据issue tracker在 github 上:

Currently the built-in internal default FixedAuthenticationStateProvider assumes the authentication state is fixed for the lifetime of the circuit, as its name implies. However this isn't adequate for Windows authentication, as the WindowsPrincipal is connected to underlying OS services and can't continue to be used if the original HTTP request has completed. Trying to call things like IsInRole will throw if the principal has already been disposed

该修复已合并到 master 中,将与 asp.net core 3.0.0-preview8 一起发布

更新: 似乎已解决,see here升级到预览版 8 并修复重大更改。

关于c# - Blazor AD 身份验证安全句柄已关闭,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56649559/

25 4 0
文章推荐: angular - ExpressionChangedAfterItHasBeenCheckedError 未定义输入参数
文章推荐: cytoscape.js - 鼠标悬停在节点上时如何将光标更改为指针
文章推荐: scala - 还要注意项目文件
文章推荐: javascript - Tensorflow vs Tensorflow JS 浮点算术计算的不同结果
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com