在ASP.NET MVC属性的prevent缓存,力量属性执行每一个操作执行时 [英] Prevent Caching of Attributes in ASP.NET MVC, force Attribute Execution every time an Action is Executed
问题描述
根据不同的制品(如这里和<一个href=\"http://stackoverflow.com/questions/1440121/actionfilterattribute-apply-to-actions-of-a-specific-controller-type\">here)属性对ASP.NET MVC操作结果可能会缓存在和不会再次执行:当一个控制器动作被调用。
According to various articles (e.g. here and here) attribute results on ASP.NET MVC Actions may be cached and not executed again when a controller action is called.
这行为是不是在我所希望的情况下(例如我有一个授权系统基于我自己的属性和IP地址,角色检查需要执行的每一次,和其他的东西)。
That behavior is not desired in my case (e.g. I have an authorization system based on my own attributes and IPs, role checks that need to execute every time, and other things).
我如何prevent ASP.NET MVC从缓存我的属性/属性的执行结果,并保证它们的每次执行
How can I prevent ASP.NET MVC from caching my attributes/attribute execution results and guarantee that they are executed every time?
推荐答案
看源$ C $ C为AuthorizeAttribute(上codePLEX或通过反射镜),看看它是如何去有关关闭缓存授权页面。我重构其插入我的自定义授权属性一个单独的方法从AuthorizeAttribute派生的。
Look at the source code for the AuthorizeAttribute (on Codeplex or via Reflector) to see how it goes about turning off caching for authorized pages. I refactored it into a separate method on my custom authorization attribute which derives from AuthorizeAttribute.
protected void CacheValidateHandler( HttpContext context, object data, ref HttpValidationStatus validationStatus )
{
validationStatus = OnCacheAuthorization( new HttpContextWrapper( context ) );
}
protected void SetCachePolicy( AuthorizationContext filterContext )
{
// ** IMPORTANT **
// Since we're performing authorization at the action level, the authorization code runs
// after the output caching module. In the worst case this could allow an authorized user
// to cause the page to be cached, then an unauthorized user would later be served the
// cached page. We work around this by telling proxies not to cache the sensitive page,
// then we hook our custom authorization code into the caching mechanism so that we have
// the final say on whether a page should be served from the cache.
HttpCachePolicyBase cachePolicy = filterContext.HttpContext.Response.Cache;
cachePolicy.SetProxyMaxAge( new TimeSpan( 0 ) );
cachePolicy.AddValidationCallback( CacheValidateHandler, null /* data */);
}
这篇关于在ASP.NET MVC属性的prevent缓存,力量属性执行每一个操作执行时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!