public void ProcessRequest(HttpContext context)
{
ITicketManager ticketManager = InstanceContainer.TicketManager;
if (!ticketManager.IsAuthorized(context))
{
ticketManager.SignoutAndRedirectToLogin();
return;
}
this.User = context.User.Identity as IUserBasic;
ProcessAuthorizedRequest(context);
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
ITicketManager ticketManager = InstanceContainer.TicketManager;
bool isAuthorized = ticketManager.IsAuthorized(filterContext.HttpContext);
// this information can be cached so we don't reflect on every call
bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
if (!skipAuthorization &&
!isAuthorized)
{
ticketManager.Signout();
// auth failed, redirect to login page
filterContext.Result = new HttpUnauthorizedResult();
return;
}
}
