出现以下错误:
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user. <s:Microsoft.AspNetCore.Authorization.DefaultAuthorizationService>
联合服务:
if (!iis && !httpSys)
{
// Information - DEBUG
Serilog.Log.Information("Using Kestrel");
// Environment uses Kestrel and WsFederation
services.AddAuthentication(WsFederationDefaults.AuthenticationScheme)
.AddWsFederation(WsFederationDefaults.AuthenticationScheme, options =>
{
options.Wtrealm = config.GetValue<string>("Authentication:Microsoft:WsFederation:Wtrealm");
options.MetadataAddress = config.GetValue<string>("Authentication:Microsoft:WsFederation:MetadataAddress");
options.RequireHttpsMetadata = true;
options.Events = new WsFederationEvents
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.Whr = "Authentication:Microsoft:WsFederation:Whr";
return Task.CompletedTask;
}
};
options.Wreply = config.GetValue<string>("Authentication:Microsoft:WsFederation:Wreply");
}
);
// Configure authorization policies
services.AddAuthorization(options =>
{
options.AddPolicy("WsfPolicy", builder =>
{
builder.RequireAuthenticatedUser();
builder.AuthenticationSchemes = new[] { WsFederationDefaults.AuthenticationScheme };
}
);
});
}
控制器:
[Authorize(Policy = "WsfPolicy")]
[HttpGet]
[Route("lkMeasures")]
[Produces("application/json")]
[ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ICollection<LkMeasure>))]
[ProducesErrorResponseType(typeof(void))]
public async Task<IActionResult> AllItems()
{
var allItems = await _lookupsService.AllMeasures();
return Ok(allItems);
}
注意: 我已经研究这个问题几天了,似乎找不到解决方案;非常感谢您的帮助。
我需要定义一个默认策略。一旦被定义。该帐户能够访问资源。
// Configure authorization policies
services.AddAuthorization(options =>
{
options.AddPolicy("defaultPolicy", builder =>
{
builder.RequireAuthenticatedUser();
builder.AuthenticationSchemes = new[] { WsFederationDefaults.AuthenticationScheme };
}
);
});