public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.Controller is BaseAuthorizationController)
{
_entityTypes = (filterContext.Controller as BaseAuthorizationController).GetEntityTypes();
}
else
{
_entityTypes = new EntityType[0];
}
AuthenticationHelper.CheckAuthentication(filterContext);
base.OnAuthorization(filterContext);
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var userName = filterContext.HttpContext.User.Identity.Name;
var valid = _authenticationHelper.CheckAuthentication(PageName, PermissionKey, userName);
if (valid)
{
base.OnActionExecuting(filterContext);
}
else
{
filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary {
{ "controller", "Account" }, { "action", "Login" }
});
}
}
void context_AcquireRequestState(object sender, EventArgs e)
{
HttpContext httpContext = ((HttpApplication)sender).Context;
var requestedUrl = httpContext.Request.Url.AbsolutePath.ToLower();
if (!(requestedUrl.Contains("aspx") || requestedUrl.Contains("ascx") || requestedUrl.Contains("asmx")))
{
return;
}
if (AuthenticationHelper.CheckAuthentication(httpContext))
{
return;
}
if (!new AccessControlHelper().CheckAccess(requestedUrl, _entityTypes))
{
httpContext.Response.RedirectUser(UnAuthorizedUrl);
}
}
