与AuthorizeAttribute的ASP.NET Web API授权 [英] ASP.NET Web API Authorization with AuthorizeAttribute

问题描述

使用新的ASP.NET Web API测试版。我似乎无法得到验证用户的建议的方法，工作。凡建议的方法似乎是，添加 [授权] 过滤到API控制器。例如：

Using the new ASP.NET Web API beta. I can not seem to get the suggested method of authenticating users, to work. Where the suggested approach seems to be, to add the [Authorize] filter to the API controllers. For example:

[Authorize] 
public IEnumerable<Item> Get()
{
    return itemsService.GetItems();
}

如同预期这是行不通的。当请求的资源，您重定向到一个登录表单。这是不是很适合一个RESTful的WebAPI。

This does not work as intended though. When requesting the resource, you get redirected to a login form. Which is not very suitable for a RESTful webapi.

我应该如何着手呢？它会不会在将来的版本不同的工作？或者我应该回落到实现我自己的行动过滤器？

How should I proceed with this? Will it work differently in future versions?, or should I fall back to implementing my own action filter?

推荐答案

仔细检查你使用的是 System.Web.Http.AuthorizeAttribute ，而不是 System.Web.Mvc.AuthorizeAttribute 。在此之前咬了我。我知道的WebAPI小组正在试图拉都在一起，使其熟悉MVC用户，但我认为有些事情是不必要的混乱。

Double check that you are using the System.Web.Http.AuthorizeAttribute and not the System.Web.Mvc.AuthorizeAttribute. This bit me before. I know the WebAPI team is trying to pull everything together so that it is familiar to MVC users, but I think somethings are needlessly confusing.

这篇关于与AuthorizeAttribute的ASP.NET Web API授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！