/// <summary> /// 在需要授权时调用。 /// </summary> /// <param name="filterContext">筛选器上下文。</param> public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } if (OutputCacheAttribute.IsChildActionCacheActive(filterContext)) { throw new InvalidOperationException("AuthorizeAttribute_CannotUseWithinChildActionCache"); } if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)) { return; } IFunction function = filterContext.GetExecuteFunction(ServiceProvider); AuthorizationResult result = AuthorizeCore(filterContext.HttpContext, function); if (result.ResultType != AuthorizationResultType.Allowed) { HandleUnauthorizedRequest(filterContext, result); } else { HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache; cache.SetProxyMaxAge(new TimeSpan(0L)); cache.AddValidationCallback(CacheValidateHandler, function); } }