C# ';访问被拒绝';基于安全授权的webapi
我正在尝试创建一个带有身份验证的虚拟web api 通过以下链接: 控制器代码:C# ';访问被拒绝';基于安全授权的webapi,c#,asp.net-mvc-4,asp.net-web-api,authorization,C#,Asp.net Mvc 4,Asp.net Web Api,Authorization,我正在尝试创建一个带有身份验证的虚拟web api 通过以下链接: 控制器代码: MySecurityClient msc = new MySecurityClient(); ViewBag.result1 = msc.Demo()==null ?"Access Denied": msc.Demo(); return View(); public class MySecurityClient { private string BASE_URL = "http://localhost:3
MySecurityClient msc = new MySecurityClient();
ViewBag.result1 = msc.Demo()==null ?"Access Denied": msc.Demo();
return View();
public class MySecurityClient
{
private string BASE_URL = "http://localhost:3513/api/MySecurity/";
private object convert;
public string Demo()
{
try
{
HttpClient Client = new HttpClient();
var authInfo = Convert.ToBase64String(Encoding.Default.GetBytes("acc1:123"));
Client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", authInfo);
Client.BaseAddress = new Uri(BASE_URL);
HttpResponseMessage response = Client.GetAsync("Work2").Result;
if (response.IsSuccessStatusCode)
return response.Content.ReadAsStringAsync().Result;
return null;
}
catch (Exception ex)
{
return null;
}
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
try
{
AuthenticationHeaderValue authValue = actionContext.Request.Headers.Authorization;
if (authValue != null && !string.IsNullOrWhiteSpace(authValue.Parameter)
&& authValue.Scheme == BasicAuthResponseHeaderValue)
{
Credential parsedCredentials = ParseAuthorizationHeader(authValue.Parameter);
var MyPrincipal = new MyPrincipal(parsedCredentials.UserName);
if (!MyPrincipal.IsInRole(Roles))
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
//return;
}
}
}
catch (Exception ex)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
}
MySecurityClient msc = new MySecurityClient();
ViewBag.result1 = msc.Demo()==null ?"Access Denied": msc.Demo();
return View();
public class MySecurityClient
{
private string BASE_URL = "http://localhost:3513/api/MySecurity/";
private object convert;
public string Demo()
{
try
{
HttpClient Client = new HttpClient();
var authInfo = Convert.ToBase64String(Encoding.Default.GetBytes("acc1:123"));
Client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", authInfo);
Client.BaseAddress = new Uri(BASE_URL);
HttpResponseMessage response = Client.GetAsync("Work2").Result;
if (response.IsSuccessStatusCode)
return response.Content.ReadAsStringAsync().Result;
return null;
}
catch (Exception ex)
{
return null;
}
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
try
{
AuthenticationHeaderValue authValue = actionContext.Request.Headers.Authorization;
if (authValue != null && !string.IsNullOrWhiteSpace(authValue.Parameter)
&& authValue.Scheme == BasicAuthResponseHeaderValue)
{
Credential parsedCredentials = ParseAuthorizationHeader(authValue.Parameter);
var MyPrincipal = new MyPrincipal(parsedCredentials.UserName);
if (!MyPrincipal.IsInRole(Roles))
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
//return;
}
}
}
catch (Exception ex)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
}
[HttpGet]
[Route("Work2")]
[MyAuthorize(Roles="SuperAdmin")]
public string Work2()
{
return "Work2";
}
MySecurityClient msc = new MySecurityClient();
ViewBag.result1 = msc.Demo()==null ?"Access Denied": msc.Demo();
return View();
public class MySecurityClient
{
private string BASE_URL = "http://localhost:3513/api/MySecurity/";
private object convert;
public string Demo()
{
try
{
HttpClient Client = new HttpClient();
var authInfo = Convert.ToBase64String(Encoding.Default.GetBytes("acc1:123"));
Client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", authInfo);
Client.BaseAddress = new Uri(BASE_URL);
HttpResponseMessage response = Client.GetAsync("Work2").Result;
if (response.IsSuccessStatusCode)
return response.Content.ReadAsStringAsync().Result;
return null;
}
catch (Exception ex)
{
return null;
}
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
try
{
AuthenticationHeaderValue authValue = actionContext.Request.Headers.Authorization;
if (authValue != null && !string.IsNullOrWhiteSpace(authValue.Parameter)
&& authValue.Scheme == BasicAuthResponseHeaderValue)
{
Credential parsedCredentials = ParseAuthorizationHeader(authValue.Parameter);
var MyPrincipal = new MyPrincipal(parsedCredentials.UserName);
if (!MyPrincipal.IsInRole(Roles))
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
//return;
}
}
}
catch (Exception ex)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
}
响应。IsSuccessStatusCode返回response.Content.ReadAsAsync().Result,则ViewBag.result1
为空
在return response.Content.ReadAsAsync().Result上拒绝访问
提前谢谢