个人中心
文章发布
退出
作者热门文章
- android - RelativeLayout 背景可绘制重叠内容
- android - 如何链接 cpufeatures lib 以获取 native android 库?
- java - OnItemClickListener 不起作用,但 OnLongItemClickListener 在自定义 ListView 中起作用
- java - Android 文件转字符串
24
4
这是我的 Global.asax.cs 文件:
public class MvcApplication : System.Web.HttpApplication
{
public static void RegisterRoutes(RouteCollection routes)
{
...
}
protected void Application_Start()
{
this.PostAuthenticateRequest += new EventHandler(MvcApplication_PostAuthenticateRequest);
}
// This method never called by requests...
protected void MvcApplication_PostAuthenticateRequest(object sender, EventArgs e)
{
HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var identity = new GenericIdentity(authTicket.Name, "Forms");
var principal = new GenericPrincipal(identity, new string[] { });
Context.User = principal;
}
}
}
PostAuthenticateRequest 何时执行?
最佳答案
根据documentation :
Occurs when a security module has established the identity of the user.
...
The PostAuthenticateRequest event is raised after the AuthenticateRequest event has occurred. Functionality that subscribes to the PostAuthenticateRequest event can access any data that is processed by the PostAuthenticateRequest.
但是因为您的问题是用 ASP.NET MVC 标记的,所以我强烈建议您在自定义 [Authorize] 属性中执行此操作,而不是使用此事件。示例:
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var authCookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var identity = new GenericIdentity(authTicket.Name, "Forms");
var principal = new GenericPrincipal(identity, new string[] { });
httpContext.User = principal;
}
}
return isAuthorized;
}
}
现在用 [MyAuthorize] 属性装饰你的 Controller / Action :
[MyAuthorize]
public ActionResult Foo()
{
// if you got here the User property will be the custom
// principal you injected in the authorize attribute
...
}
关于c# - `PostAuthenticateRequest` 什么时候执行?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5947278/
24
4
0
这是我的 Global.asax.cs 文件: public class MvcApplication : System.Web.HttpApplication { public static
我正在使用 global.asax 文件 (ASP.NET MVC) 中的 Application_PostAuthenticateRequest 方法实现自定义票证系统。我想知道这种事情的开销是多少
我有表单例份验证,我需要一个自定义对象存储在 HttpContext.Current.User 和 Thread.CurrentPrincipal 中。 为了得到这个,我听了 PostAuthenti
我们在使用自定义控件的 AuthenticateRequest 时遇到问题:对于持久化信息,我们使用HttpContext.Current.Application. 由于各种原因,如果多个用户同时工作
我正在尝试遵循 Brock Allen 的示例,了解如何使用声明将自定义角色添加到 Windows 角色。( http://brockallen.com/2013/01/17/adding-custo
如何使用 PostAuthenticateRequest Global.asax 事件?我关注 this tutorial它提到我必须使用 PostAuthenticateRequest 事件。当我添
我是一名优秀的程序员,十分优秀!