与AuthorizeAttribute的ASP.NET Web API授权 [英] ASP.NET Web API Authorization with AuthorizeAttribute
问题描述
使用新的ASP.NET Web API测试版。我似乎无法得到验证用户的建议的方法,工作。凡建议的方法似乎是,添加 [授权]
过滤到API控制器。例如:
Using the new ASP.NET Web API beta. I can not seem to get the suggested method of authenticating users, to work. Where the suggested approach seems to be, to add the [Authorize]
filter to the API controllers. For example:
[Authorize]
public IEnumerable<Item> Get()
{
return itemsService.GetItems();
}
如同预期这是行不通的。当请求的资源,您重定向到一个登录表单。这是不是很适合一个RESTful的WebAPI。
This does not work as intended though. When requesting the resource, you get redirected to a login form. Which is not very suitable for a RESTful webapi.
我应该如何着手呢?它会不会在将来的版本不同的工作?或者我应该回落到实现我自己的行动过滤器?
How should I proceed with this? Will it work differently in future versions?, or should I fall back to implementing my own action filter?
推荐答案
仔细检查你使用的是 System.Web.Http.AuthorizeAttribute
,而不是 System.Web.Mvc.AuthorizeAttribute
。在此之前咬了我。我知道的WebAPI小组正在试图拉都在一起,使其熟悉MVC用户,但我认为有些事情是不必要的混乱。
Double check that you are using the System.Web.Http.AuthorizeAttribute
and not the System.Web.Mvc.AuthorizeAttribute
. This bit me before. I know the WebAPI team is trying to pull everything together so that it is familiar to MVC users, but I think somethings are needlessly confusing.
这篇关于与AuthorizeAttribute的ASP.NET Web API授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!