/// <summary> /// Determines if the request is authorized by objects implementing /// <see cref="IRequestAuthorizationHandler" />. /// </summary> /// <returns> /// Returns zero if unauthorized, a value greater than zero if /// authorized otherwise a value less than zero if no handlers /// were available to answer. /// </returns> private static int IsAuthorized(HttpContext context) { Debug.Assert(context != null); int authorized = /* uninitialized */ -1; IEnumerator authorizationHandlers = GetAuthorizationHandlers(context).GetEnumerator(); while (authorized != 0 && authorizationHandlers.MoveNext()) { IRequestAuthorizationHandler authorizationHandler = (IRequestAuthorizationHandler)authorizationHandlers.Current; authorized = authorizationHandler.Authorize(context) ? 1 : 0; } return(authorized); }
private static IList <IRequestAuthorizationHandler> GetAuthorizationHandlers(HttpContext context) { Debug.Assert(context != null); object key = _authorizationHandlersKey; IList <IRequestAuthorizationHandler> handlers = (IList <IRequestAuthorizationHandler>)context.Items[key]; if (handlers == null) { const int capacity = 4; List <IRequestAuthorizationHandler> list = new List <IRequestAuthorizationHandler>(capacity); HttpApplication application = context.ApplicationInstance; IRequestAuthorizationHandler appReqHandler = application as IRequestAuthorizationHandler; if (appReqHandler != null) { list.Add(appReqHandler); } foreach (IHttpModule module in HttpModuleRegistry.GetModules(application)) { IRequestAuthorizationHandler modReqHander = module as IRequestAuthorizationHandler; if (modReqHander != null) { list.Add(modReqHander); } } if (list != null) { context.Items[key] = handlers = list.AsReadOnly(); } } return(handlers); }
public AuthorizationPipelineBehavior(IRequestAuthorizationHandler <TRequest> authorizationHandler) { _authorizationHandler = authorizationHandler; }