自定义授权属性或基于策略的授权处理程序
[英]custom authorize attribute or policy based authorization handler
问题描述
I should check the custom header is present eg:["apikey"] and then check in the database thatgiven key is present.
我应该检查自定义 header 是否存在,例如:[“apikey”],然后检查数据库中是否存在给定密钥。 if not present return unauthorized.如果不存在,则未经授权返回。 should i use authorization attribute or policy based authorization handler?我应该使用授权属性还是基于策略的授权处理程序?
1 个解决方案
解决方案1
0 2021-05-26 14:04:17
Rather than authorization handler, I find custom authentication handler is a better approach for this scenario and implemented the same.而不是授权处理程序,我发现自定义身份验证处理程序是这种场景的更好方法,并且实现了相同的方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
基于策略的授权/可重用授权处理程序 - Policy based authorization / Reusable authorization handler
将授权属性与基于自定义声明的身份验证一起使用 - Use Authorize Attribute with Custom Claims based Authentication
为所有控制器的自定义策略和全局的操作设置authorize属性 - Set authorize attribute for Custom policy for all controller and Actions at global
ASP.NET Web API 2 自定义授权和授权属性 - ASP.NET Web API 2 Custom Authorization and Authorize Attribute
如何告诉[Authorize]属性使用自定义消息处理程序的基本身份验证? - How to tell [Authorize] attribute to use Basic authentication with custom message handler?
基于索赔和政策的授权 - Claims and policy based Authorization
定制授权政策 - Custom Policy for Authorization
未指定 authenticationScheme,并且未找到基于自定义策略的授权的 DefaultForbidScheme - No authenticationScheme was specified, and there was no DefaultForbidScheme found with custom policy based authorization
基于ASP.NET核心自定义策略的授权 - 不清楚 - ASP.NET Core Custom Policy Based Authorization - unclear
ASP.NET Framework中基于自定义策略的授权 - Custom Policy-Based Authorization in ASP.NET Framework
相关标签