在研究了 elmah 源代码和这篇文章http://dotnetslackers.com/articles/aspnet/Securing-ELMAH-with-Independent-HTTP-Authentication.aspx后,我找到了解决方案。用户可以为我接下来做的自定义 IHttpModule 实现 IRequestAuthorizationHandler:
public class SitecoreAuthModule :IHttpModule, IRequestAuthorizationHandler
{
public bool Authorize(HttpContext context)
{
return SC.Context.User.IsAdministrator;
}
public void Init(HttpApplication context)
{
context.AuthenticateRequest += new EventHandler(ContextAuthenticateRequest); ;
}
void ContextAuthenticateRequest(object sender, EventArgs e)
{
var context = sender as HttpApplication;
if (context.Request.Path.IndexOf("elmah.axd",
StringComparison.InvariantCultureIgnoreCase) < 0)
return;
}
public void Dispose()
{
}
}