ASP.NET MVC 2 OnActionExecuting 方法的问题
我有一个名为“SomeController”的控制器。我想检查用户是否已登录或是否具有在该控制器中执行任何操作的权限。为此,我阅读了这篇文章 http://blog。 wekeroad.com/blog/aspnet-mvc-secure-your-controller-actions/ 我已经编写了自己的类(测试):
public class BaseFilter : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
}
//here will be checking the user permissions if he's logged in
}
}
[BaseFilter]
public class SomeController : BaseController
{
...
}
但是正如您所理解的,当我想运行时它会产生一个不定式循环该控制器的任何操作。那么,如何应对呢?
I have a controller called "SomeController". I want to check if the user is logged in or if has persissions to execute any action in that controller. To do so, I read that article http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/ and I've written my own class (a test):
public class BaseFilter : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
}
//here will be checking the user permissions if he's logged in
}
}
[BaseFilter]
public class SomeController : BaseController
{
...
}
but as You can understand it makes an infinitive loop when I want to run any action from that controller. So, how to cope with that ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以将操作过滤器应用于相关方法,而不是在类级别。
就我个人而言,我会将其命名为“Authorize”,然后将其应用于需要授权的控制器方法。
You can apply the action filter on the relevant methods instead of at the class level.
Personally I would name this something like
Authorizeand then apply it to the controller methods that require authorization.