c# - Cannot authenticate in Web API service called from MVC website -

-

i have asp.net mvc website using angular front end, needs communicate rest web api service retrieve data. have authentication logic against custom provider in mvc project , works fine using adlds. calls rest web api have no authentication data passed , can't work out how pass user authenticated mvc, on rest web api.

here example call web api.

 public void approvemodel(int modelversionid, string comments)         {             var request = new restrequest("api/modelversion", method.post) { requestformat = dataformat.json };             request.addbody(new[] { new modelaction { modelactiontype = modelactionconstants.modelactionapprovemodel, actionparameters = new dictionary<string, string> { { modelactionconstants.modelactionparametermodelversionid, modelversionid.tostring(cultureinfo.invariantculture) }, {modelactionconstants.modelactionparametercomments, comments} } } });             request.usedefaultcredentials = true;              var response = _client.execute(request);             if (response.statuscode != httpstatuscode.ok)                 throw new serverexception(response.content);                     }

my web api controller method (abbreviated)

 [validateaccess(constants.dummy, constants.secure_environment)]                 public httpresponsemessage post(modelaction[] actions)         {          ... }

and custom validate access attribute uses thinktecture 

public class validateaccess : claimsauthorizeattribute     {         private static readonly ilog log = logmanager.getlogger(typeof(validateaccess));         private readonly string _resource;         private readonly string _claimsaction;          public validateaccess(string claimsaction, string resource)         {             _claimsaction = claimsaction;             _resource = resource;             xmlconfigurator.configure();         }          protected override bool isauthorized(httpactioncontext actioncontext)         {                         if (actioncontext == null) throw new argumentnullexception("actioncontext");             if (!httpcontext.current.user.identity.isauthenticated)             {                 log.infoformat("user {0} not authenticated - not authorizing further. redirecting error page.",                     httpcontext.current.user.identity.name);                  return false;             }              // specified users or roles when use our attribute             return checkaccess(actioncontext);         }          protected override bool checkaccess(httpactioncontext actioncontext)         {                         if (_claimsaction == string.empty && _resource == string.empty)             {                 //user in landing page                 return true;             }             return claimsauthorization.checkaccess(_claimsaction, _resource);         }     }

my problems

  • i not familiar web api. isauthorized(httpactioncontext actioncontext) right method override enforce access policy on api calls?

  • why getting null user identity?


Comments

Post a Comment

Popular posts from this blog

javascript - Chart.js (Radar Chart) different scaleLineColor for each scaleLine -

-
Image
i try , create radar chart using chart.js has various colours each scaleline, or coloured between scalelines. wondering if possible? from: to: i have working graph, though there doesn't seem method change individual scale lines. kind regards leigh you can extend radar chart type this, so chart.types.radar.extend({ name: "radaralt", initialize: function (data) { chart.types.radar.prototype.initialize.apply(this, arguments); var originalscaledraw = this.scale.draw; var ctx = this.chart.ctx; this.scale.draw = function () { var linewidth = this.linewidth; // bypasses line drawing in originalscaledraw this.linewidth = linewidth; originalscaledraw.apply(this, arguments); ctx.linewidth = this.linewidth; var scale = this; // draw chart.helpers.each(scale.ylabels, function (label, index) { // color of ...
Read more

apache - Error with PHP mail(): Multiple or malformed newlines found in additional_header -

-
suddenly have started receiving above error without changes having been made script. host 1and1 (i know...) the script still works fine on different server, , suspicion there must have been server config change has lead this, although hosts plead ignorance. there's no information on above error @ in google can find - have ideas? server running apache if helps. had similar problem. came out of blue. no php code changed. what changed: php upgraded 5.5.25-1 5.5.26. a security risk in php mail() function has been fixed , newlines in additional_headers allowed no more. because newlines mean: starts email message (and surely don't want inject newlines through headers followed evil message). what have worked fine, e.g. having newlines after headers or passing whole message additional_headers , function no more. solution : sanitize headers. no multiple newlines in additional_headers argument. these count "multiple or malformed newlines":...
Read more

java - Android – MapFragment overlay button shadow, just like MyLocation button -

-
Image
i'm struggling add shadow custom overlay button on google map. goal make custom button google's mylocation button. here's how app looks now: layout.xml <relativelayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" xmlns:map="http://schemas.android.com/apk/res-auto" android:layout_height="match_parent" android:layout_width="match_parent" style="@style/apptheme"> <fragment android:layout_width="match_parent" android:layout_height="match_parent" android:id="@+id/map" tools:context=".mapsactivity" android:name="com.google.android.gms.maps.supportmapfragment" android:layout_alignparentend="true" android:layout_alignparentstart="true" android:layout_alignparentbottom="true" ...
Read more