C# 授权控制器MVC不带角色或用户,但带其他参数
我想在我的控制器中添加customAuthorization,但不是通过检查角色或用户 像这样的方法C# 授权控制器MVC不带角色或用户,但带其他参数,c#,model-view-controller,authorize-attribute,C#,Model View Controller,Authorize Attribute,我想在我的控制器中添加customAuthorization,但不是通过检查角色或用户 像这样的方法CustomModuleAuthorize(“Module1”)] 在CustomModuleAuthorize中,我想在错误视图中重定向 谢谢我通过创建customModuleAttribute来完善解决方案。 我验证AuthorizeCore和HandleUnauthorizedRequest以捕获错误并重定向到视图 这是密码 public class CustomModuleAutho
CustomModuleAuthorize(“Module1”)]
在CustomModuleAuthorize中,我想在错误视图中重定向
谢谢我通过创建customModuleAttribute来完善解决方案。 我验证AuthorizeCore和HandleUnauthorizedRequest以捕获错误并重定向到视图 这是密码
public class CustomModuleAuthorization : System.Web.Mvc.AuthorizeAttribute
{
public string NomModule { get; set; }
private string _reason = "";
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
//return base.AuthorizeCore(httpContext);
string json;
ModulesModel module = null;
try
{
//Appel de l'API pour vérification que le user à acces au module renseigné
var windowsIdentity = System.Web.HttpContext.Current.Request.LogonUserIdentity as System.Security.Principal.WindowsIdentity;
if (windowsIdentity == null)
{
_reason = "Identity not a valid windows identity. ";
return false;
}
using (windowsIdentity.Impersonate())
{
using (var client = new System.Net.WebClient { UseDefaultCredentials = true })
{
string fullUri = ConfigurationManager.AppSettings["UrlApiSuma"].ToString();
client.Headers.Add("Content-Type:application/json; charset=utf-8");
client.Headers.Add("Accept:application/json");
client.Headers.Add("SessionID", Guid.NewGuid().ToString());
json = client.DownloadString(fullUri);
module = JsonConvert.DeserializeObject<ModulesModel>(json);
return true;
}
}
}
catch (Exception e)
{
_reason = e.Message;
return false;
}
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary(
new
{
controller = "Error",
action = "UnAuthorizedAccess",
module= NomModule,
message = _reason
})
);
}
}
公共类CustomModuleAuthorization:System.Web.Mvc.AuthorizeAttribute
{
公共字符串模块{get;set;}
私有字符串_reason=“”;
受保护的覆盖bool AuthorizeCore(HttpContextBase httpContext)
{
//返回base.AuthorizeCore(httpContext);
字符串json;
ModulesModel module=null;
尝试
{
//用户访问模块的许可证转让许可证
var windowsIdentity=System.Web.HttpContext.Current.Request.LogonUserIdentity作为System.Security.Principal.windowsIdentity;
如果(windowsIdentity==null)
{
_reason=“标识不是有效的windows标识。”;
返回false;
}
使用(windowsIdentity.Impersonate())
{
使用(var client=new System.Net.WebClient{UseDefaultCredentials=true})
{
字符串fullUri=ConfigurationManager.AppSettings[“UrlApiSuma”].ToString();
Add(“内容类型:application/json;charset=utf-8”);
client.Headers.Add(“Accept:application/json”);
client.Headers.Add(“SessionID”,Guid.NewGuid().ToString());
json=client.DownloadString(fullUri);
module=JsonConvert.DeserializeObject(json);
返回true;
}
}
}
捕获(例外e)
{
_原因=e.信息;
返回false;
}
}
受保护的覆盖无效HandleUnauthorizedRequest(授权上下文筛选器上下文)
{
filterContext.Result=新的RedirectToRouteResult(
新RouteValueDictionary(
新的
{
controller=“Error”,
action=“UnAuthorizedAccess”,
模块=标称模块,
消息=\u原因
})
);
}
}
到目前为止,您尝试了什么?