- ASP.NET Web API Security Essentials
- Rajesh Gunasundaram
- 72字
- 2025-02-26 10:41:22
Custom authorization filters
To implement a custom authorization filter, we need to create a class that derives either AuthorizeAttribute, AuthorizationFilterAttribute, or IAuthorizationFilter.
AuthorizeAttribute: An action is authorized based on the current user and the user's roles.AuthorizationFilterAttribute: Synchronous authorization logic is applied and it may not be based on the current user or role.IAuthorizationFilter: BothAuthorizeAttributeandAuthorizationFilterAttributeimplementIAuthorizationFilter.IAuthorizationFilteris to be implemented if advanced authorization logic is required.