1. 首頁
  2. 問答
  3. System.Threading.Thread.CurrentPrincipal在AuthorizationFilterAttribute

System.Threading.Thread.CurrentPrincipal在AuthorizationFilterAttribute

2017-03-10 53 views
0

我試圖用屬性映射做基本的身份驗證(AuthorizationFilterAttribute)使用我控制器[AuthenticationController]System.Threading.Thread.CurrentPrincipal在AuthorizationFilterAttribute

顯示 here 

public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext) 
    { 
     if (!_active) 
      return; 
     var identity = FetchHeader(actionContext); 
     if (identity == null) 
     { 
      ChallengeAuthRequestFilter(actionContext); 
      return; 
     } 
     var genericPrincipal = new GenericPrincipal(identity, null); 
     Thread.CurrentPrincipal = genericPrincipal; 
     var val = Thread.CurrentPrincipal.Identity.IsAuthenticated; 

     if (!OnAuthorizeUser(identity.Name, identity.Password, actionContext)) 
     { 
      ChallengeAuthRequestFilter(actionContext); 
      return; 
     } 
     base.OnAuthorization(actionContext); 
    }

我使用這個屬性技術不設置 

[ApiAuthenticationFilter(true)] //This is the attribute class 
    [RoutePrefix("api/Authentication")] 
    public class AuthenticateController : ApiController 
    { 
     private ITokenService _tokenService; 

     public AuthenticateController() { } 
     public AuthenticateController(ITokenService tokenService) 
     { 
      _tokenService = tokenService; 
     } 

     // GET api/<controller> 
     [Route("Login")] 
     [HttpGet] 
     public HttpResponseMessage Authenticate(User user) 
     { 
      if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated) 
      { 
       BasicAuthenticationIdentity identity = Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity; 
       if (identity != null) 
        return GenerateToken(identity.UserId); 
      } 
      return null; 
     }

MyQuestion

即使我設置CurrentPrincipal到GenericPrincipal對象,並獲得IsAuthenticated屬性爲true:

var genericPrincipal = new GenericPrincipal(identity, null); 
Thread.CurrentPrincipal = genericPrincipal;

,並用它在我的控制器來檢查這就是爲什麼我越來越來假

if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)

IsAuthenticated屬性當我在屬性類中得到它時,IsAuthenticated屬性在我的控制器中爲false。

請指導,我做錯了什麼。

謝謝。

來源

2017-03-10 Pranay

回答

0

我得到了同樣的問題之前,我解決了這個問題,通過使用HttpContext.Current.User而不是System.Threading.Thread.CurrentPrincipal。

下面是示例代碼:

var genericPrincipal = new GenericPrincipal(identity, null); 
HttpContext.Current.User = genericPrincipal;

在你的控制器:

if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated)

希望這個答案可以幫助你。

來源

2017-06-20 11:46:14

相關問題

 相關問題