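/// <summary>
/// Inspects an incoming request before it is dispatched: normalises a few headers,
/// verifies the portal signature over the caller identity, and asks the configured
/// <c>IAuthorize</c> implementation whether the user may call the matched operation.
/// </summary>
/// <param name="request">The incoming message; only its <c>To</c> address is read here.</param>
/// <param name="channel">The client channel (not used by this method).</param>
/// <param name="instanceContext">The service instance context (not used by this method).</param>
/// <returns>Always <c>null</c>; no correlation state is produced.</returns>
/// <exception cref="ApplicationException">
/// The signature is missing or does not match, or the authorizer rejected the call.
/// </exception>
/// <remarks>
/// Security notes for maintainers:
/// the signature is Base64(MD5(userSysNo + userAcct + timeZone + SIGN_KEY)). MD5 with an
/// appended key is not a keyed MAC, and the fields are concatenated without a delimiter, so
/// different field splits produce the same signed string. Moving to HMAC-SHA256 over
/// delimiter-separated fields is the recommended fix, but it has to be rolled out together
/// with whatever produces the signature, so the algorithm is left unchanged here.
/// The display name is not part of the signed data, and the signature is only checked when at
/// least one of userSysNo, timeZone or userAcct is present; a request carrying none of them
/// reaches the authorizer with a null user.
/// </remarks>
public object AfterReceiveRequest(ref Message request, System.ServiceModel.IClientChannel channel, System.ServiceModel.InstanceContext instanceContext)
{
    var incoming = WebOperationContext.Current.IncomingRequest;

    string sign;
    string userSysNo;
    string timeZone;
    string userAcct;
    string displayName;

    if (string.Equals(incoming.Method, "get", StringComparison.OrdinalIgnoreCase))
    {
        // GET requests carry their overrides and identity in the query string;
        // copy them into headers so later stages read a single source.
        var type = GetQueryStringValue(incoming, ACCEPT_TYPE);
        if (!string.IsNullOrEmpty(type))
        {
            incoming.Headers["Accept"] = type;
        }

        var languageCode = GetQueryStringValue(incoming, LANGUAGE_CODE);
        if (!string.IsNullOrEmpty(languageCode))
        {
            incoming.Headers[X_ACCEPT_LANGUAGE_OVERRIDE] = languageCode;
        }

        sign = GetQueryStringValue(incoming, Portal_Sign);

        // The identity headers are assigned, not Add()ed: Add() appends to a header the
        // client already sent, which would leave an unsigned client-supplied value next to
        // the query-string value that the signature check below actually covers.
        userSysNo = GetQueryStringValue(incoming, Portal_UserSysNo);
        if (!string.IsNullOrWhiteSpace(userSysNo))
        {
            incoming.Headers[X_User_SysNo] = HttpUtility.UrlEncode(userSysNo.Trim());
        }

        timeZone = GetQueryStringValue(incoming, Portal_TimeZone);
        if (!string.IsNullOrWhiteSpace(timeZone))
        {
            incoming.Headers[X_Portal_TimeZone] = timeZone.Trim();
        }

        userAcct = GetQueryStringValue(incoming, Portal_UserAcct);
        if (!string.IsNullOrWhiteSpace(userAcct))
        {
            incoming.Headers[X_User_Acct] = HttpUtility.UrlEncode(userAcct.Trim());
        }

        displayName = GetQueryStringValue(incoming, Portal_UserDisplayName);
        if (!string.IsNullOrWhiteSpace(displayName))
        {
            incoming.Headers[X_User_Display_Name] = HttpUtility.UrlEncode(displayName.Trim());
        }
    }
    else
    {
        var requestContentType = incoming.Headers["Content-Type"];
        var agent = incoming.Headers["User-Agent"];

        // Ordinal, case-insensitive match so the result does not depend on the server culture.
        bool isFirefox = agent != null && agent.IndexOf("FIREFOX", StringComparison.OrdinalIgnoreCase) >= 0;

        // Works around IIS on .NET 4.5 not reading the correct Accept header
        // for HTTP requests sent by Firefox.
        if (isFirefox && !string.IsNullOrWhiteSpace(requestContentType))
        {
            incoming.Headers["Accept"] = requestContentType;
        }

        // Non-GET requests carry the identity in headers; the values are URL-encoded.
        sign = incoming.Headers[X_Portal_Sign];

        userSysNo = incoming.Headers[X_User_SysNo];
        if (!string.IsNullOrWhiteSpace(userSysNo))
        {
            userSysNo = HttpUtility.UrlDecode(userSysNo);
        }

        timeZone = incoming.Headers[X_Portal_TimeZone];

        userAcct = incoming.Headers[X_User_Acct];
        if (!string.IsNullOrWhiteSpace(userAcct))
        {
            userAcct = HttpUtility.UrlDecode(userAcct);
        }

        displayName = incoming.Headers[X_User_Display_Name];
        if (!string.IsNullOrWhiteSpace(displayName))
        {
            displayName = HttpUtility.UrlDecode(displayName);
        }
    }

    if (userSysNo != null || timeZone != null || userAcct != null)
    {
        string newSign;
        using (var md5 = MD5.Create())
        {
            // NOTE(security): legacy construction, see <remarks>. Kept byte-compatible
            // with existing callers; replace with HMAC-SHA256 in a coordinated change.
            byte[] digest = md5.ComputeHash(Encoding.UTF8.GetBytes(userSysNo + userAcct + timeZone + SIGN_KEY));
            newSign = Convert.ToBase64String(digest);
        }

        // A missing signature is rejected like a wrong one instead of surfacing as a
        // NullReferenceException, and the comparison does not stop at the first mismatch.
        if (sign == null || !FixedTimeSignEquals(newSign, sign.Trim()))
        {
            throw new ApplicationException("The sign of request is error.");
        }
    }

    var match = incoming.UriTemplateMatch;
    if (match != null)
    {
        string url = request.Headers.To.AbsolutePath;
        string urlTemplate = match.Template.ToString();
        string methodName = match.Data.ToString();

        IAuthorize authorizer = ServiceConfig.GetAuthorizer();
        if (authorizer != null && !authorizer.Check(userSysNo, methodName, urlTemplate, url))
        {
            throw new ApplicationException("Not authorized to access '" + url + "' for user '" + userSysNo + "'.");
        }
    }

    return null;
}

/// <summary>
/// Ordinal string equality whose running time depends on the lengths of the inputs,
/// not on the position of the first differing character.
/// </summary>
private static bool FixedTimeSignEquals(string expected, string supplied)
{
    if (expected == null || supplied == null)
    {
        return false;
    }

    int diff = expected.Length ^ supplied.Length;
    int shared = Math.Min(expected.Length, supplied.Length);
    for (int i = 0; i < shared; i++)
    {
        diff |= expected[i] ^ supplied[i];
    }

    return diff == 0;
}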