{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 做自己的国王 的问题《My Custom Authorize Attribute always fire, even wi》','https://www.manongdao.com/q-1013038.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I Have a Custom Authorize Attribute that always fire. I remove the configuration in global.asax and have no attributes in controllers/actions. Why?
public class ValidatePermissionAttribute : AuthorizeAttribute
{
private AuthorizationContext _context;
public override void OnAuthorization(AuthorizationContext context)
{
_context = context;
base.OnAuthorization(context);
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
bool isAuthorized = false;
//Use _context here
...
return isAuthorized;
}
}
My Global.asax:
public class MvcApplication : NinjectHttpApplication
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new LogActionAttribute());
//ValidatePermissionFilterProvider validatePermissionProvider = new ValidatePermissionFilterProvider();
//validatePermissionProvider.Add("Login", "Index");
//validatePermissionProvider.Add("Erro", "*");
//FilterProviders.Providers.Add(validatePermissionProvider);
}
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
"Default", // Route name
"{controller}/{action}/{id}", // URL with parameters
new { controller = "Usuario", action = "Index", id = UrlParameter.Optional } // Parameter defaults
);
}
protected override void OnApplicationStarted()
{
DefaultModelBinder.ResourceClassKey = "ViewModelValidations";
AreaRegistration.RegisterAllAreas();
RegisterGlobalFilters(GlobalFilters.Filters);
RegisterRoutes(RouteTable.Routes);
Database.SetInitializer(new DatabaseInitializer());
}
protected override IKernel CreateKernel()
{
return DependencyResolverFactory.Instance.Kernel;
}
}
Discover the problem:
With answer of @DarinDimitrov I discover the problem, I'm using Ninject to inject a dependcy in my Filter, this is causing to fire in every Controller:
public class ApplicationServicesModule : NinjectModule
{
public override void Load()
{
this.BindFilter<ValidatePermissionAttribute>(FilterScope.First, null);
}
}
Only a custom attribute doesn't do anything. There must be some code that is registering it. It could be either registered as global action filter, you could have a controller/action decorated with it or you might have your dependency injection framework which registers it as a global action filter. Right click on the
ValidatePermissionAttributeand search where this class is being used. Normally VS will show you where you have registered it.If your controllers derive from a custom controller base class, you might want to check that to see if the attribute is present there also. You can also try to do a solution-wide Find Usages on the attribute name
ValidatePermissionAttributeto see if there's somewhere you missed it.EDIT: looking at your global.asax, I see that you are registering
LogActionAttribute-- is it possible that attribute derives from your other custom authorization attribute? I would try removing all custom registrations and filters to see if the problem persists