0
klainer created
Hi, I want to extend base AbpMvcAuthorizeFilter (OnAuthorization method) due to custom loging level implementation. I noticed that filter is registered there: AbpWebMvcModule.cs
It is possible to replace this base filter with my own ? How can I do that in WEB module ? Thanks for your time and help!
2 Answer(s)
-
0
answered here: <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/1256">https://github.com/aspnetboilerplate/as ... ssues/1256</a>
-
0
Hi thanks! I tried to create custom Athorizate Attribute which is deriveder from AbpMvcAuthorizeAttribute and I have problem with
HandleUnauthorizedRequest. This method is never called in this CustomAttribute. The same problem is in
AbpAuthorizeAttributealso not called.
My implementation:
public class CustomMvcAuthorizeAttribute : AbpMvcAuthorizeAttribute { public ILogger Logger { get; set; } public string[] Permissions { get; set; } public bool RequireAllPermissions { get; set; } public VSDMvcAuthorizeAttribute(params string[] permissions) :base(permissions) { Logger = NullLogger.Instance; } protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { var httpContext = filterContext.HttpContext; **var message = string.Format("'{0}' unauthorize access.", httpContext.Request.CurrentExecutionFilePath ); Logger.Security(message); // my custom security log** if (!httpContext.Request.IsAjaxRequest()) { base.HandleUnauthorizedRequest(filterContext); return; } httpContext.Response.StatusCode = httpContext.User.Identity.IsAuthenticated == false ? (int)System.Net.HttpStatusCode.Unauthorized : (int)System.Net.HttpStatusCode.Forbidden; httpContext.Response.SuppressFormsAuthenticationRedirect = true; httpContext.Response.End(); }Thanks for help
