11

我正在研究 ASPNET MVC 4 和 WebApi。webapi 方法将被移动设备使用。我们需要保护服务,我们使用的是以某种特定方式加密数据。

现在,我需要在到达控制器之前解密调用。如果解密的信息是有效的,它应该像往常一样继续到控制器,如果不是,我会将用户路由到一些错误方法。

要做到这一点,我认为最好的选择是自定义 HttpHandler 和自定义 RouteHandler。我在这里按照教程

 public class MvcSecurityRouteHandler:IRouteHandler 
   { 
       public System.Web.IHttpHandler GetHttpHandler(RequestContext requestContext) 
       { 
          return new MvcSecurityHttpHandler(requestContext); 
       }
   }

public class MvcSecurityHttpHandler : IHttpHandler, System.Web.SessionState.IRequiresSessionState, IRouteHandler
    {
        public RequestContext RequestContext { get; set; }

        public MvcSecurityHttpHandler(RequestContext requestContext)
        {
            this.RequestContext = requestContext;
        }

        public bool IsReusable
        {
            get { return true; }
        }

        public void ProcessRequest(HttpContext httpContext)
        {
            var controllerId = RequestContext.RouteData.GetRequiredString("controllerId");
            IController controller = null;
            IControllerFactory factory = null;
            try
            {
                factory = ControllerBuilder.Current.GetControllerFactory();
                controller = factory.CreateController(RequestContext, controllerId);
                if (controller != null)
                {
                    controller.Execute(RequestContext);
                }
            }
            finally
            {
                factory.ReleaseController(controller);
            }

            //string originalPath = httpContext.Request.Path;
            //HttpContext.Current.RewritePath(httpContext.Request.ApplicationPath, false);
            //IHttpHandler httpHandler = new MvcHttpHandler();
            //httpHandler.ProcessRequest(HttpContext.Current);
            //HttpContext.Current.RewritePath(originalPath, false);
        }

        public IHttpHandler GetHttpHandler(RequestContext requestContext)
        {
            throw new NotImplementedException();
        }
    }

public class RouteConfig
    {
        public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

            var defaults = new RouteValueDictionary
                {{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};

            var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
            routes.Add(customRoute);

            routes.MapRoute(
                name: "DefaultWebApi",
                url: "{controller}/{action}/{id}",
                defaults: new
                    {
                        controller = "Home",
                        action = "Index",
                        id = UrlParameter.Optional
                    });
        }
    }

全球.asax.cs

 public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

            var defaults = new RouteValueDictionary
                {{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};

            var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
            routes.Add(customRoute);
        }

并在 Application_Start

RegisterRoutes(RouteTable.Routes);

服务启动后,我在 ProcessRequest 中创建了一个断点,它没有被命中。可能缺少什么?这是正确的做法吗?

4

1 回答 1

7

如果您还没有,您需要先在 global.asax 或您的 web.config 文件中注册处理程序。

http://msdn.microsoft.com/en-us/library/46c5ddfy(v=vs.100).aspx

于 2012-11-27T21:14:14.040 回答