对WebAPI接口的开放当然要做控制,需要身份验证如何做到呢、
进行身份验证后的
服务器拒绝了访问!
第一步添加一个CustomHandler.cs的类
1: using System;
2: using System.Collections.Generic;
3: using System.Linq;
4: using System.Web;
5: using System.Threading.Tasks;
6: using System.Net.Http;
7: using System.Text;
8: using System.Net;
9:
10: namespace MvcApplication1.Handler
11: {
12: public class customHandler : DelegatingHandler
13: {
14: protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
15: {
16: int matchHeaderCount = request.Headers.Count((item) =>
17: {
18: if ("key".Equals(item.Key))
19: {
20: foreach (var str in item.Value)
21: {
22: if ("11234".Equals(str))
23: {
24: return true;
25: }
26: }
27: }
28: return false;
29: });
30: if (matchHeaderCount > 0)
31: {
32: return base.SendAsync(request, cancellationToken);
33: }
34: return Task.Factory.StartNew<HttpResponseMessage>(() => { return new HttpResponseMessage(HttpStatusCode.Forbidden); });
35: }
36: }
37: }
第二步部署一下就ok了
1: using System;
2: using System.Collections.Generic;
3: using System.Linq;
4: using System.Web;
5: using System.Web.Http;
6: using System.Web.Mvc;
7: using System.Web.Optimization;
8: using System.Web.Routing;
9: using MvcApplication1.Handler;
10:
11: namespace MvcApplication1
12: {
13: // 注意: 有关启用 IIS6 或 IIS7 经典模式的说明,
14: // 请访问 http://go.microsoft.com/?LinkId=9394801
15:
16: public class WebApiApplication : System.Web.HttpApplication
17: {
18: protected void Application_Start()
19: {
20: AreaRegistration.RegisterAllAreas();
21:
22: WebApiConfig.Register(GlobalConfiguration.Configuration);
23: FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
24: RouteConfig.RegisterRoutes(RouteTable.Routes);
25: BundleConfig.RegisterBundles(BundleTable.Bundles);
26:
GlobalConfiguration.Configuration.MessageHandlers.Add(new customHandler());
27: }
28: }
29: }
添加最后一行就ok了。
客户端访问也只要在
request的Headers添加验证信息就可以了,当然android客户端具体怎么访问还在学习中。