我有一個使用基本身份驗證的ASP MVC3 restful服務。搜索堆棧溢出後,我創建了以下代碼。asp mvc 3 ActionFilter用於基本身份驗證
public class BasicAuthentication : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var req = filterContext.HttpContext.Request;
if (String.IsNullOrEmpty(req.Headers["Authorization"]))
{
filterContext.Result = new HttpNotFoundResult();
}
else
{
var credentials = System.Text.ASCIIEncoding.ASCII
.GetString(Convert.FromBase64String(req.Headers["Authorization"].Substring(6)))
.Split(':');
var user = new { Name = credentials[0], Password = credentials[1] };
if(!(user.Name == "username" && user.Password == "passwords"))
{
filterContext.Result = new HttpNotFoundResult();
}
}
}
}
1)ActionFilterAttribute是最好的方法嗎?
2)是否設置了filterContext.Result拒絕訪問控制器方法的正確方法?
3)有什麼我做錯了嗎?
謝謝。
-Nick
您使用基本與基本型(二級AUTH)的形式/自定義類型AUTH或仍使用域帳戶? – 2012-02-22 17:16:58