public void ProcessRequest(HttpContext context) { ITicketManager ticketManager = InstanceContainer.TicketManager; if (!ticketManager.IsAuthorized(context)) { ticketManager.SignoutAndRedirectToLogin(); return; } this.User = context.User.Identity as IUserBasic; ProcessAuthorizedRequest(context); }
public override void OnAuthorization(AuthorizationContext filterContext) { ITicketManager ticketManager = InstanceContainer.TicketManager; bool isAuthorized = ticketManager.IsAuthorized(filterContext.HttpContext); // this information can be cached so we don't reflect on every call bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true); if (!skipAuthorization && !isAuthorized) { ticketManager.Signout(); // auth failed, redirect to login page filterContext.Result = new HttpUnauthorizedResult(); return; } }