1. 技术文章
  2. How to enable Windows authentication for specific controller in ASP.Net Web API

How to enable Windows authentication for specific controller in ASP.Net Web API

試著忘記壹切 提交于 2019-12-22 04:27:04

问题


I was wandering if there is a way to enable Windows authentication only for the particular action of the particular ASP.Net Web API controller. My Web API web service has a couple of controllers with numerous actions, but only one action of one controller needs Windows authentication. This web services is implemented using Web API 2.1, and is hosted in IIS (v7.5 and above). Even though, it’s an intranet web service I don’t want to enable windows authentication on controllers and actions that don’t need it. Please let me know if there is a way to enable Windows authentication for a specific controller and action.

My web service code is similar to the code below. Only endpoint api/controller1/action1 implemented by Controller1.Action1 requires windows authentication. The rest of actions don't need Windows authentication:

[RoutePrefix("api/controller1")]
public class Controller1: ApiController
{
    [Route("action1")]
    public HttpResponseMessage Action1()
    {
        return Request.CreateResponse<object>(HttpStatusCode.OK, null);
    }
    [Route("action2")]
    public HttpResponseMessage Action2()
    {
        return Request.CreateResponse<object>(HttpStatusCode.OK, null);
    }
}


[RoutePrefix("api/controller2")]
public class Controller2 : ApiController
{
    [Route("action1")]
    public HttpResponseMessage Action1()
    {
        return Request.CreateResponse<object>(HttpStatusCode.OK, null);
    }
    [Route("action2")]
    public HttpResponseMessage Action2()
    {
        return Request.CreateResponse<object>(HttpStatusCode.OK, null);
    }
}

Thank you, Rita


回答1:


is this what your want? adding this to your config file.

<location path="api/controller1">
  <system.web>
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>
</location>



回答2:


I had the same problem. The solution was

  1. Enable Windows Authentication in IIS Website, where your API is hosted. If you are using OWIN to self host, see this SO discussion

  2. Then in your controller or controller action, which requires Windows Authentication, just add an "Authorize" attribute.

    [Authorize] public async Task GetDocumentContent([FromUri]DocumentContentRequest request) {

    }

That is it.



来源:https://stackoverflow.com/questions/25511208/how-to-enable-windows-authentication-for-specific-controller-in-asp-net-web-api

标签
ASP.NET
iis
asp.net-web-api
windows-authentication
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!