我有一個使用基本 HTTP authorization 的 WebApi 項目。我需要在用戶進入安全頁面之前對其進行授權。當我進入安全頁面「Books/get」時,看到錯誤「'/' 應用程序中的服務器錯誤。」爲什麼頁面會出錯? 根:基本http授權中的服務器錯誤
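/// <summary>
/// HTTP module that implements HTTP Basic authentication: it reads the
/// Authorization header on each request, validates the credentials and,
/// on success, attaches a <see cref="GenericPrincipal"/> to the request.
/// </summary>
/// <remarks>
/// Basic credentials are only base64-encoded, not encrypted, so the site
/// must be served over HTTPS for this scheme to protect the password.
/// </remarks>
public class BasicAuthHttpModule : IHttpModule
{
    // Realm string advertised in the WWW-Authenticate challenge.
    private const string Realm = "My Realm";

    /// <summary>Hooks the module into the request pipeline.</summary>
    /// <param name="context">The application whose events are subscribed to.</param>
    public void Init(HttpApplication context)
    {
        // Register event handlers
        context.AuthenticateRequest += OnApplicationAuthenticateRequest;
        context.EndRequest += OnApplicationEndRequest;
    }

    /// <summary>
    /// Publishes the authenticated principal on both the current thread and,
    /// when one exists, the current HTTP context.
    /// </summary>
    private static void SetPrincipal(IPrincipal principal)
    {
        Thread.CurrentPrincipal = principal;
        if (HttpContext.Current != null)
        {
            HttpContext.Current.User = principal;
        }
    }

    // TODO: Here is where you would validate the username and password.
    // NOTE(review): the hard-coded pair below is a placeholder and must not
    // ship. A real implementation should look the user up in a credential
    // store and verify a salted password hash; the == comparison used here
    // is also not constant-time.
    private static bool CheckPassword(string username, string password)
    {
        return username == "user" && password == "password";
    }

    /// <summary>
    /// Decodes the base64 "user:password" token of a Basic Authorization
    /// header, validates it and sets the principal on success.
    /// </summary>
    /// <param name="credentials">The base64 parameter taken from the header.</param>
    /// <returns>
    /// <c>true</c> when the credentials were well-formed and accepted;
    /// <c>false</c> for malformed or rejected credentials.
    /// </returns>
    private static bool AuthenticateUser(string credentials)
    {
        string decoded;
        try
        {
            var encoding = Encoding.GetEncoding("iso-8859-1");
            decoded = encoding.GetString(Convert.FromBase64String(credentials));
        }
        catch (FormatException)
        {
            // Credentials were not valid base64.
            return false;
        }

        // The header is attacker-controlled: a token without ':' would make
        // Substring(0, -1) throw ArgumentOutOfRangeException, which is not a
        // FormatException and would surface as an unhandled server error.
        int separator = decoded.IndexOf(':');
        if (separator < 0)
        {
            return false;
        }

        string name = decoded.Substring(0, separator);
        string password = decoded.Substring(separator + 1);
        if (!CheckPassword(name, password))
        {
            return false;
        }

        var identity = new GenericIdentity(name);
        SetPrincipal(new GenericPrincipal(identity, null));
        return true;
    }

    /// <summary>
    /// AuthenticateRequest handler: authenticates the caller when a Basic
    /// Authorization header is present. Requests without a usable header are
    /// left anonymous so that authorization can reject them later.
    /// </summary>
    private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
    {
        var request = HttpContext.Current.Request;
        var authHeader = request.Headers["Authorization"];
        if (authHeader == null)
        {
            return;
        }

        // TryParse instead of Parse: a malformed header must be treated as
        // "no credentials", not raise FormatException out of the pipeline.
        AuthenticationHeaderValue authHeaderVal;
        if (!AuthenticationHeaderValue.TryParse(authHeader, out authHeaderVal))
        {
            return;
        }

        // RFC 2617 sec 1.2, "scheme" name is case-insensitive
        if (authHeaderVal.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) &&
            authHeaderVal.Parameter != null)
        {
            AuthenticateUser(authHeaderVal.Parameter);
        }
    }

    // If the request was unauthorized, add the WWW-Authenticate header
    // to the response.
    // NOTE(review): HttpResponse.Headers is only supported in the IIS
    // integrated pipeline; confirm the application pool mode if this line
    // is where the server error originates.
    private static void OnApplicationEndRequest(object sender, EventArgs e)
    {
        var response = HttpContext.Current.Response;
        if (response.StatusCode == 401)
        {
            response.Headers.Add("WWW-Authenticate",
                string.Format("Basic realm=\"{0}\"", Realm));
        }
    }

    /// <summary>Nothing to release; the module holds no resources.</summary>
    public void Dispose()
    {
    }
}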
/// <summary>
/// Plain data object returned by the API: an identifier, a display name
/// and a numeric value, all freely readable and writable.
/// </summary>
public class ItemModel
{
    /// <summary>Numeric identifier of the item.</summary>
    public int ItemID { get; set; }

    /// <summary>Display name of the item.</summary>
    public string ItemName { get; set; }

    /// <summary>Value associated with the item.</summary>
    public double ItemValue { get; set; }
}
web配置的部分:
<system.webServer>
<modules>
<!-- Registers the Basic-auth module in the IIS pipeline. The type attribute is
     "Namespace.ClassName, AssemblyName".
     NOTE(review): the BasicAuthHttpModule class shown on this page declares no
     namespace; confirm that "WebHostBasicAuth.Modules" and the "BasicAuth"
     assembly match the actual project, since a module type that cannot be
     loaded is a likely source of a generic server error. -->
<add name="BasicAuthHttpModule" type="WebHostBasicAuth.Modules.BasicAuthHttpModule, BasicAuth"/>
</modules>
和書籍控制器:
[Authorize]
public class BooksController : ApiController
{
/// <summary>
/// Returns the list of items; currently a single fixed sample entry.
/// </summary>
/// <returns>A list containing one <see cref="ItemModel"/>.</returns>
// The [Authorize] below repeats the attribute already present on the
// controller class, so unauthenticated callers are rejected either way.
[Authorize]
public IEnumerable<ItemModel> Get()
{
    var items = new List<ItemModel>();
    var sample = new ItemModel();
    sample.ItemID = 1;
    sample.ItemName = "Item1";
    sample.ItemValue = 100;
    items.Add(sample);
    return items;
}
_「當我進入安全頁面『Books/get』時,看到錯誤『'/' 應用程序中的服務器錯誤』。爲什麼頁面有錯誤?」_ - 問你的服務器。查看日誌或啓用詳細的錯誤報告。 – CodeCaster
,因爲我有ApiController(不是控制器) – Srenik