我具有以下用于实现自定义授权系统的类:-
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class CheckUserPermissionsAttribute : ActionFilterAttribute
{
Repository repository = new Repository();
public string Model { get; set; }
public string Action { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string ADusername = filterContext.HttpContext.User.Identity.Name.Substring(filterContext.HttpContext.User.Identity.Name.IndexOf("\\") + 1);
if (!repository.can(ADusername,Model,Action)) {
filterContext.Result = new HttpUnauthorizedResult("You cannot access this page");
}
base.OnActionExecuting(filterContext);
}
}
但是当前使用Firefox访问我的Web应用程序时,如果返回filterContext.Result = new HttpUnauthorizedResult("You cannot access this page");
,则用户将不断获得提示窗口,提示您永远输入用户名和密码。因此,有一种方法可以修改我的操作方法,以便返回到显示诸如“您无权执行此操作。”之类的消息的视图,而不是返回filterContext.Result = new HttpUnauthorizedResult("You cannot access this page");
。谢谢