ASP.NET Web API Authentication and Validation

Question

ASP.NET Web API Authentication and Validation

I am using ASP.NET Web API and using Authentication at http://stevescodingblog.co.uk/basic-authentication-with-asp-net-webapi/

It works well. If a request that does not have an Authorization header responds with an HttpStatusCode "Unauthorized".

But when some json data is sent from clients that have invalid column, the HttpStatusCode response is "Internal Server Error" even though the request has no authorization header.

[BasicAuthentication]
public HttpResponseMessage Create(Customer customer)
{
  // 
}
public class Customer{
  public int id{set;get;}
  public string name{set;get;}    
}

For example, post a POST method to / Create, Content-Type will be application / json and Request Body {"id": "abc", "name": "someone"} (id is wrong: not int but string) and have no header authorization. The HttpStatusCode response is "Internal Server Error" not "Unauthorized".

It is possible to instantiate the client before authorization. Do you know to change the authorization first?

0

authentication validation asp.net-web-api asp.net-mvc-3

taiji 31 Aug 12 at 8:49

source to share

1 answer

smlync · Accepted Answer · 2012-08-31T14:59:26+0000

If you've created your BasicAuthenthication attribute as an ActionFilterAttribute, you can try changing it to the AuthorizationFilterAttribute attribute. OnActionExecuting will then change to OnAuthorization. I think most of the rest should be pretty similar.

ASP.NET Web API Authentication and Validation

More articles: