/// <summary>
/// Runs before the action method is invoked. Every configured context processor is
/// asked whether its statistics gate or request gate is closed for the calling client;
/// if any gate is closed the request is answered with 401 Unauthorized and the base
/// implementation is not called.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    actionContext.ArgumentMustNotBeNull("actionContext");

    // NOTE(review): ArgumentMustNotBeNull is declared elsewhere; the explicit null
    // test is kept in case it does not throw. A null context goes straight to the base call.
    if (actionContext == null)
    {
        base.OnActionExecuting(actionContext);
        return;
    }

    // Read each switch exactly once (performance); the lambda below may run once per processor.
    var statisticGateEnabled = this.Instance.CheckStatisticGate;
    var requestGateEnabled = this.Instance.CheckRequestGate;

    // NOTE(review): the indexer throws if "MS_HttpContext" is not in the property bag
    // (presumably the case outside System.Web hosting — confirm). If the value is of
    // another type, the "as" cast yields null and null is handed to the extractor and the
    // request gate; verify that both treat a missing context as "gate closed" (fail closed).
    var hostContext = actionContext.Request.Properties["MS_HttpContext"] as HttpContextBase;
    var hostRequest = hostContext == null ? null : hostContext.Request;

    var anyGateClosed = this.ContextProcessors.Any(processor =>
    {
        // NOTE(review): the gates are keyed on this id. Where the extractor takes it from
        // is not visible here — confirm the caller cannot freely choose or rotate it.
        var clientId = processor.IdExtractor.Extract(hostContext);

        if (statisticGateEnabled && !this.Instance.StatisticsGate(clientId, processor.Statistics))
        {
            return true;
        }

        return requestGateEnabled && !this.Instance.RequestGate(clientId, hostRequest);
    });

    if (!anyGateClosed)
    {
        base.OnActionExecuting(actionContext);
        return;
    }

    // Short-circuit the pipeline. Only the status code is set here; no challenge header
    // or body is added. NOTE(review): confirm 401 is the intended status for a closed gate.
    actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
/// <summary>
/// Lazily obtains the audit writer (creating and caching it on first use) and records
/// an authentication-check failure carrying the exception message.
/// </summary>
/// <param name="filterContext">The current filter context to get the user and the action.</param>
/// <param name="exception">The exception whose message is written to the audit record.</param>
protected void AuditFailure(HttpActionContext filterContext, Exception exception)
{
    var writer = this.Audit;
    if (writer == null)
    {
        writer = this.CreateAudit();
        this.Audit = writer;
    }

    // Nothing is recorded when no writer could be created.
    // NOTE(review): in that case the failure is dropped silently and filterContext is
    // never validated; confirm that a missing audit sink is acceptable for this path.
    if (writer != null)
    {
        filterContext.ArgumentMustNotBeNull("filterContext");

        // todo: find the current user name
        // NOTE(review): until the todo is resolved every entry carries the fixed text
        // "user not known", so entries cannot be attributed to a caller. exception is
        // dereferenced without a null check, and its message is passed on as-is —
        // presumably the audit sink neutralises control characters; verify.
        var info = new AuditInfo<string>("user not known", exception.Message);
        writer.AuthenticationCheckFailed(info);
    }
}