European ASP.NET MVC 4 and MVC 5 Hosting

BLOG about ASP.NET MVC 3, ASP.NET MVC 4, and ASP.NET MVC 5 Hosting and Its Technology - Dedicated to European Windows Hosting Customer

ASP.NET MVC Hosting - HostForLIFE.eu :: Attribute Routing With ASP.net MVC 5 - Route Constraints

clock February 5, 2014 17:09 by author Peter

This Article shows how to use the Latest ASP.net MVC 5 Attribute Routing's Route Constraints with your Application. You can read the first part of this Article here 'Attribute Routing With ASP.net MVC 5. If you want to be more familiar with ASP.NET MVC 5, you should try HostForLife.eu.

How to set Route Constraints ?
It allows you to restrict the parameters in the route template are matched
The syntax is {parameter:constraint}

PetController.cs

public class PetController : Controller
{
[Route("Pet/{petId:int}")]
public ActionResult GetSpecificPetById(int petId)
{
return View();
}
}

Key points of the above code:
- In the above example, /Pet/8 will Route to the “GetSpecificPetById” Action.
- Here the route will only be selected, if the "petId" portion of the URI is an integer.
Above Route on Browser is as below

The following diagram shows the constraints that are supported

How to apply multiple constraints to a parameter ?

You can apply multiple constraints to a parameter, separated by a colon.
Well,It's like this  [Route("Pet/{petId:int:min(1)}")]

PetController.cs
public class PetController : Controller
{
[Route("Pet/{petId:int:min(1)}")]
public ActionResult GetSpecificPetById(int petId)
{
return View();
}
}

Key points of the above code
In the above example,You can't use  /Pet/10000000000 ,because it is larger than int.MaxValue
And also you can't use /Pet/0 ,because of the min(1) constraint.

How to Specifying that a parameter is Optional ?
You can do it by Specifying that a parameter is Optional (via the '?' modifier).
This should be done after inline constraints.
Well,it's like this  [Route("Pet/{message:maxlength(4)?}")]

PetController.cs

// eg: /Pet/good
[Route("Pet/{message:maxlength(4)?}")]
public ActionResult PetMessage(string message)
{
return View();
}

Key points of the above code
In the above example, /Pet/good and /Pet will Route to the “PetMessage” Action.
The route /Pet also works hence of the Optional modifier.
But /Pet/good-bye will not route above Action , because of the maxlength(4) constraint.

Above Routes on Browser are as below


Tags: , , ,
Categories:
Actions: E-mail | Kick it! | Permalink | commentComments (0) | RSS comment feedComment RSS

ASP.NET MVC 5 European Hosting - HostForLIFE.eu :: Authentication Filters in ASP.NET MVC 5

clock February 4, 2014 07:18 by author Peter

Filters are used to perform logic either before an action method is called or after an action method runs. Filters are custom classes that provide both a declarative and programmatic means to add pre-action and post-action behaviour to controller action methods. This topic contains only brief information about ASP.NET MVC 5. If you want to be more familiar with ASP.NET MVC 5, you should try HostForLife.eu.

Prior to ASP.NET MVC 5, there are 4 types of filters:

  1. Authorization filters (IAuthorizationFilter)
  2. Action filters (IActionFilter)
  3. Result filters (IResultFilter)
  4. Exception filters (IExceptionFilter)

Prior to ASP.NET MVC 5 we are using the [Authorization] attribute to enforce role-based security within the ASP.NET MVC applications. ASP.NET MVC 5 introduces the new Authentication filters (IAuthenticationFilter).

Authentication filters are a new kind of filter in ASP.NET MVC that run prior to authorization filters in the ASP.NET MVC pipeline and allow you to specify authentication logic per-action, per-controller, or globally for all controllers. Authentication filters process credentials in the request and provide a corresponding principal. Authentication filters can also add authentication challenges in response to unauthorized requests.
The reason for introducing authentication filters is to separate authentication from authorization (authentication first, then authorization):

  1. Authentication is for establishing a principal for current request
  2. Authorization is to verify whether or not the current principal is permitted to execute current request

We can use the IAuthenticationFilter (System.Web.Mvc.Filters) to create a custom authentication filter. Here is the definition of IAuthenticationFilter:

namespace System.Web.Mvc.Filters

{
  public interface IAuthenticationFilter
  {
    void OnAuthentication(AuthenticationContext filterContext);
    void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext);  
}
}

IAuthenticationFilter interface provides two methods:
- OnAuthentication(AuthenticationContext filterContext). This method is used to authenticates the request & it provides the context to use for authentication.
- OnAuthenticationChallenge(AuthenticationChallengeContext filterContext). This method adds an authentication challenge to the current ActionResult & it provides the context to use for the authentication challenge.

We can use authentication filters to allow users to authenticate to the application from various third-party vendors (facebook, linkedin, twitter etc…) or a custom authentication provider.

If look into real implementation details by comparing IAuthorizationFilter & IAuthenticationFilter, IAuthenticationFilter’s OnAuthentication(…) method has AuthenticationContext parameter which has Principal object.

When ControllerActionInvoker class InvokeAction()  method is executed to Invoke an Action method, first it will iterate through the all Authentication filters OnAuthentication() methods. Then replace the original Principal object on the HttpContext in case if the Principal is changed by Authentication filters OnAuthentication() method.

protected virtual AuthenticationContext InvokeAuthenticationFilters(ControllerContext controllerContext,
IList<IAuthenticationFilter> filters,
ActionDescriptor actionDescriptor)
{
   if (controllerContext == null)
   throw new ArgumentNullException("controllerContext");
   IPrincipal user = controllerContext.HttpContext.User;
   AuthenticationContext filterContext = new AuthenticationContext(controllerContext,actionDescriptor, user);
   foreach (IAuthenticationFilter authenticationFilter in (IEnumerable<IAuthenticationFilter>) filters)
   {
     authenticationFilter.OnAuthentication(filterContext);
     if (filterContext.Result != null)
        break;
   }
    IPrincipal principal = filterContext.Principal;
    if (principal != user)
   {
     filterContext.HttpContext.User = principal;
     Thread.CurrentPrincipal = principal;
   }
    return filterContext;
}

This is give us ability to modify the original Principal object using authentication filter’s.  Here is the story with OnAuthenticationChallenge() method.

protected virtual AuthenticationChallengeContext
InvokeAuthenticationFiltersChallenge(ControllerContext controllerContext,
IList<IAuthenticationFilter> filters,
ActionDescriptor actionDescriptor, ActionResult result)
{
AuthenticationChallengeContext filterContext = new AuthenticationChallengeContext(controllerContext,
actionDescriptor, result);
foreach (IAuthenticationFilter authenticationFilter in (IEnumerable<IAuthenticationFilter>) filters)
authenticationFilter.OnAuthenticationChallenge(filterContext);
return filterContext;
}


Tags: , , ,
Categories:
Actions: E-mail | Kick it! | Permalink | commentComments (0) | RSS comment feedComment RSS

About HostForLIFE.eu

HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes.

We have offered the latest Windows 2016 Hosting, ASP.NET Core 2.2.1 Hosting, ASP.NET MVC 6 Hosting and SQL 2017 Hosting.


Tag cloud

Sign in

Powered by BlogEngine.NET 1.5.0.7 | Original Design by Arcsin, Adapted by RazorAnt