-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make AbpMvcAuthorizeFilter and AbpApiAuthorizeFilter overridable #1256
Comments
Yes, it has changed. You can try to create a custom auth filter. |
I changed AbpApiAuthorizeAttribute and AbpApiAuthorizeFilter classes a bit to allow override methods. So, you can do these to override AbpMvcAuthorizeFilter for example:
Note: You can do same for AbpApiAuthorizeFilter if you need. |
great! |
@hikalkan I tried above solution and override below method in my filter, but I can see the default filter is still used in the logging when the AbpAuthorizationException been threw so my custom filter method seems not get chance to run. (this is a project with Abp 2.2.2). Anything changed since the above post? Abp.Authorization.AbpAuthorizationException:
|
@JamesAtGitHub how do you use your custom filter ? |
@ismcagdas just followed the step 3 in above comments from hikalkan |
@JamesAtGitHub sorry :). Can you try |
@ismcagdas still not work, this is the method:
|
@JamesAtGitHub what are the values in GlobalFilters.Filters after the line |
@ismcagdas ok two issues found: |
@JamesAtGitHub I ran into the same issue, though totally unrelated to this project. When I passed in the |
@ismcagdas I tried @Sniels suggestion and can see my custom filter added in the global filters, but trying to access a page without permission, the HandleUnauthorizedRequest method in my custom filter didn't triggered. any suggestion or other way to try that I can make a global handler to deal with unauthorized request and show a user friendly message? |
@JamesAtGitHub could you show how do you add your custom AuthFilter ? And it's code if it is possible ? |
here's the code @ismcagdas public override void PostInitialize()
{
var defaultFilter = GlobalFilters.Filters.Single(f => f.Instance is AbpMvcAuthorizeFilter).Instance;
GlobalFilters.Filters.Remove(defaultFilter);
GlobalFilters.Filters.Add(IocManager.Resolve< MyMvcAuthorizeFilter >(), 0);
} |
Set a lower order: GlobalFilters.Filters.Add(IocManager.Resolve<MyMvcAuthorizeFilter>(), order: -2); |
this works @acjh thanks! |
hmm further this works with anonymous user trying to access protected actions, while not work when authenticated user trying to access controllers/actions without permission granted with AbpMvcAuthorize |
In the previous version,There is not
AbpMvcAuthorizeFilter
,There is only
AbpMvcAuthorizeAttribute
. And I override this and overrideOnAuthorization
to redirect a different page when Unauthorized.but in lastest version.I find that there is
AbpMvcAuthorizeFilter
andAbpMvcAuthorizeAttribute
.in the
AbpMvcAuthorizeFilter
,_authorizationHelper.Authorize(methodInfo);
has be called.how to override AbpMvcAuthorizeFilter or AbpMvcAuthorizeAttribute to redirect a different page when Unauthorized?
Thanks!
The text was updated successfully, but these errors were encountered: