我正在开发ASPNET MVC 4和WebApi。 webapi方法将由移动设备使用。我们需要保护服务,我们正在使用的是以某种特定方式加密数据。
现在,我需要在到达控制器之前解密呼叫。如果解密的信息有效,它应该照常继续到控制器,如果没有,我将路由用户一些错误方法。
为了实现这一点,我认为最好的选择是自定义HttpHandler和自定义RouteHandler。我正在关注教程here
public class MvcSecurityRouteHandler:IRouteHandler
{
public System.Web.IHttpHandler GetHttpHandler(RequestContext requestContext)
{
return new MvcSecurityHttpHandler(requestContext);
}
}
public class MvcSecurityHttpHandler : IHttpHandler, System.Web.SessionState.IRequiresSessionState, IRouteHandler
{
public RequestContext RequestContext { get; set; }
public MvcSecurityHttpHandler(RequestContext requestContext)
{
this.RequestContext = requestContext;
}
public bool IsReusable
{
get { return true; }
}
public void ProcessRequest(HttpContext httpContext)
{
var controllerId = RequestContext.RouteData.GetRequiredString("controllerId");
IController controller = null;
IControllerFactory factory = null;
try
{
factory = ControllerBuilder.Current.GetControllerFactory();
controller = factory.CreateController(RequestContext, controllerId);
if (controller != null)
{
controller.Execute(RequestContext);
}
}
finally
{
factory.ReleaseController(controller);
}
//string originalPath = httpContext.Request.Path;
//HttpContext.Current.RewritePath(httpContext.Request.ApplicationPath, false);
//IHttpHandler httpHandler = new MvcHttpHandler();
//httpHandler.ProcessRequest(HttpContext.Current);
//HttpContext.Current.RewritePath(originalPath, false);
}
public IHttpHandler GetHttpHandler(RequestContext requestContext)
{
throw new NotImplementedException();
}
}
public class RouteConfig
{
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
var defaults = new RouteValueDictionary
{{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};
var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
routes.Add(customRoute);
routes.MapRoute(
name: "DefaultWebApi",
url: "{controller}/{action}/{id}",
defaults: new
{
controller = "Home",
action = "Index",
id = UrlParameter.Optional
});
}
}
的Global.asax.cs
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
var defaults = new RouteValueDictionary
{{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};
var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
routes.Add(customRoute);
}
并在Application_Start
中RegisterRoutes(RouteTable.Routes);
服务启动后,我在ProcessRequest中创建一个断点,但它没有被命中。 可能会遗漏什么?这是正确的做法吗?
答案 0 :(得分:7)
如果还没有,则需要先在global.asax或web.config文件中注册处理程序。
http://msdn.microsoft.com/en-us/library/46c5ddfy(v=vs.100).aspx