C# 自定义授权属性在WebAPI中不起作用
上面是我的CustomAttribute类 及 当我打电话的时候C# 自定义授权属性在WebAPI中不起作用,c#,asp.net-mvc,asp.net-web-api,filter,authorization,C#,Asp.net Mvc,Asp.net Web Api,Filter,Authorization,上面是我的CustomAttribute类 及 当我打电话的时候 [CustomAuthorize] // both [CustomAuthorize] and [CustomAuthorizeAttribute ] I tried public class ProfileController : ApiController { //My Code.. } 它没有触发CustomAuthorizationAttribute 我的FilterConfig类的更多内容如下所示 http:/
[CustomAuthorize] // both [CustomAuthorize] and [CustomAuthorizeAttribute ] I tried
public class ProfileController : ApiController
{
//My Code..
}
它没有触发CustomAuthorizationAttribute
我的FilterConfig类的更多内容如下所示
http://localhost:1142/api/Profile
如果我错过了什么,请帮忙。试试这个
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new CustomAuthorizeAttribute());
}
}
HttpContextBase
。而是使用System.Web.Http.Filters
命名空间中的筛选器您的自定义属性应该继承自System.Web.Http.Filters.AuthorizationFilterAttribute 应该是这样的
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
return true;
}
}
为了添加您从
System.Web.Http.Filters.AuthorizationFilterAttribute
继承的其他答案,我将其放入我的OnAuthorization
方法中,以确保用户已登录:
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
public class CustomAuthorizeAttribute : System.Web.Http.Filters.AuthorizationFilterAttribute
{
public override bool AllowMultiple
{
get { return false; }
}
public override void OnAuthorization(HttpActionContext actionContext)
{
//Perform your logic here
base.OnAuthorization(actionContext);
}
}
谢谢你。。但是我得到了构建错误,比如没有合适的方法来覆盖(实际上在AuthorizeAttribute中没有这样的方法):(此属性来自System.Web.Http。如果您使用System.Web.Mvc属性,则应替代AuthorizeCore方法!这是您实际需要的内容。如果用户是否获得授权,只需给出bool即可。@ChaoticCoder看起来像链接。
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
public class CustomAuthorizeAttribute : System.Web.Http.Filters.AuthorizationFilterAttribute
{
public override bool AllowMultiple
{
get { return false; }
}
public override void OnAuthorization(HttpActionContext actionContext)
{
//Perform your logic here
base.OnAuthorization(actionContext);
}
}
if (!actionContext.RequestContext.Principal.Identity.IsAuthenticated)
{
// or whatever sort you want to do to end the execution of the request
throw new HttpException(403, "Forbidden");
}