Use of authentication filters (i)
1. First create a filter class that you define to inherit the MVC authentication filtering class, overriding the Onauthorization method
Public classMyauthorization:authorizeattribute { Public Override voidonauthorization (AuthorizationContext filtercontext) {//If you keep the following code, the. NET Framework-defined authentication runs, and if you want to customize authentication, remove the following code//base. Onauthorization (Filtercontext); //if you want to jump to another page and need to use result instead of Response.Redirect (), the second scenario will not let the server stop executing//filtercontext.result=new Redirectresult (Urlhelper.generateurl ("", "Login", "UserInfo", "")); //Get route data: An object that is obtained when the current context matches a routing rule//Filtercontext.routedata//Get ContextFilterContext.HttpContext.Response.Write ("123"); } }
2, the behavior of the controller tag characteristics, the behavior of the tag will execute the filter is not marked will not be executed
[myauthorization]: The current behavior performs an authentication filter before execution Public actionresult Index () { throw New Exception (""); return View (); } Public actionresult Show () { return View (); }
3, all the behavior of the controller to perform this filtering validation, the attribute is marked on the controller
//[Myauthorization]//all behaviors under the current controller are applied to this filter Public classHomecontroller:mybasecontroller//Controller { // //GET:/home///[myauthorization]: The current behavior performs an authentication filter before execution PublicActionResult Index () {Throw NewException (""); returnView (); } PublicActionResult Show () {returnView (); }
4, if all the controller to perform filter verification is registered in the Filterconfig file
Public Static void registerglobalfilters (globalfiltercollection filters) { / /Register the filter in the global, the filter //filters will be executed for all the controller's behavior . ADD (New Myauthorization ()); }
Use of authentication Filters (ii)
1, the second implementation of the filter: The method of rewriting the controller, so that it will be applied to all the behavior (the controller), can not control the execution of one of the actions
protected Override void onauthorization (AuthorizationContext filtercontext) { filterContext.HttpContext.Response.Write ("456"); }
2, if you want to do login verification, register the global filter in Filterconfig, login home do not need, will die by bad login, with marked characteristics of the way too tired
You can define a class for your own controller.
Public class Mybasecontroller:controller { // filter Second implementation: Override the Controller's method so that it will be applied to all behaviors protected Override void onauthorization (AuthorizationContext filtercontext) { filterContext.HttpContext.Response.Write ("456"); } }
3. Allow the controller to implement the filter to inherit the controller we define
Public classHomecontroller:mybasecontroller//Controller { // //GET:/home/ PublicActionResult Index () {Throw NewException (""); returnView (); } PublicActionResult Show () {returnView (); } }
MVC Filter---Authentication filter