protected void HandleUnauthorizedRequest(AuthorizationHandlerContext context) { //(context.Resource as AuthorizationFilterContext).HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized; var obj = ApiResultObj.ReturnExpResult("AppKey或AppSecret错误"); var memory = new MemoryStream(); using (StreamWriter writer = new StreamWriter(memory)) { writer.Write(obj); } (context.Resource as AuthorizationFilterContext).HttpContext.Response.Body = memory; //context. }