我正在处理这种奇怪的情况。当用户登录时,我只能为 ClaimsIdentity 设置名称声明。然后用户从列表中选择某个诊所。根据选择,我设置了他们的角色声明。但是我注意到 ASP.NET Url Authorization 只是忽略了这些角色声明,因为它们没有在 PostAuthenticateRequest 中设置。是否有任何其他事件我可以挂钩来设置这些额外的声明?
问问题
375 次
1 回答
0
I'd go with this approach.
- Store Clinic ID to regular Session
- Implement ClaimsAuthenticationManager of your own which will check for that Session entry, and if one exists, hydrate incoming ClaimsIdentity with new Role claims
Once Clinic is selected, you redirect user to another controller/action, and on the next request ClaimsAuthenticationManager will jump in and modify identity with new claims thus providing roles to user.
于 2013-09-21T08:09:34.430 回答