ASP.NET個IAuthorizationFilter OnAuthorization

Question

您好我想實現一個自定義的授權過濾

//The Authourization attribute on a controller 
public class CustomAdminAuthorizationFilter : IAuthorizationFilter 
{ 
    private readonly IAuthentication _authentication; 

    public SageAdminAuthorizationFilter(IAuthentication authentication) 
    { 
     _authentication = authentication; 
    } 

    public void OnAuthorization(AuthorizationContext filterContext) 
    { 
     bool result = _authentication.Authorize(filterContext.HttpContext); 
    } 
} 

正如你可以在OnAuthorization我得到一個結果是假的真見。 我需要設置什麼來返回我從哪裏來？

編輯：

它似乎仍然直扔我在日誌中

頁

我注入IAuthetication

this.BindFilter<CustomAdminAuthorizationFilter>(FilterScope.Controller, 0); 
    Bind<IAuthentication>().To<CustomAuthenticationService>(); 

然後我裝飾我的動作在控制器等等。

[Authorize] 
    public ActionResult Index() 
    { 
     ViewBag.Title = "Welcome"; 
     ViewBag.Message = "Welcome to ASP.NET MVC!"; 

     return View(); 
    } 

在使用

<authentication mode="Forms"> 
    <forms loginUrl="~/Account/LogOn" timeout="2880" /> 
</authentication> 

我的web.config林如果有這樣的改變？

任何幫助將不勝感激。

Answer 1

變化是一個Attribute，不是簡單的一個IAuthorizationFilter

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)] 
public class SageAdminAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter 
{ 
    readonly IAuthentication _authentication; 

    public SageAdminAuthorizeAttribute(IAuthentication authentication) 
    { 
     _authentication = authentication; 
    } 

    public override void OnAuthorization(AuthorizationContext filterContext) 
    { 
     if (!_authentication.Authorize(filterContext.HttpContext)) 
      filterContext.Result = new HttpUnauthorizedResult(); 
    } 
} 

而現在，而不是使用[Authorize]使用新[SageAdminAuthorize]屬性

[SageAdminAuthorize] 
public ActionResult Index() 
{ 
    ViewBag.Title = "Welcome"; 
    ViewBag.Message = "Welcome to ASP.NET MVC!"; 

    return View(); 
}