我有一个标有[Authenticate]属性的服务方法,只接受GET请求。我正在使用ServiceStack.Net内置的基本身份验证。我还有两个调用服务方法的控制台应用程序。第一个应用程序发送UserName和Password。第二个应用程序不发送用户名和密码。两个应用程序都不发送任何cookie(ss-id,ss-pid)。
以下是请求的示例:
Accept: application/json
Accept-Encoding: gzip,deflate
Content-Type: application/json
Host: local.dev
Content-Length: 25
Connection: Keep-Alive
{"Email":"user@test.org"}
我的问题是:如果我先运行第一个应用程序,然后再运行第二个应用程序。第二个应用程序获取与第一个应用程序相同的数据,但我希望将“未经授权”作为响应。
//AppHost.cs
var cacheClient = new MemoryCacheClient();
Container.Register<ICacheClient>(cacheClient);
var authUserSession = new AuthUserSession();
var authProviders = new IAuthProvider[] { new BasicAuthProvider() };
var authFeature = new AuthFeature(() => authUserSession, authProviders);
authFeature.IncludeAssignRoleServices = false;
Plugins.Add(authFeature);
var userRepository = new InMemoryAuthRepository();
Container.Register<IUserAuthRepository>(userRepository);
//internal method which finally creates a user and puts it to the repository
//using method repository.CreateUserAuth(userAuth, password);
AddUserToRepository();
//Consumers
var client = new JsonServiceClient("http://local.dev");
//the following two lines are commented out in the second application
client.UserName = "admin";
client.Password = "pass123";
var data = new { Email= "user@test.org" };
var response = client.Get<object>("/Test", data);
请帮助我了解导致问题的原因。 谢谢。