How to know if the current path is a secure path or not, in ASP.NET
Consider that a request is sent to this path:
http://domain/users/1534
This URL is in public security, so everyone can see it without being authenticated in the site (without being logged in).
Now consider that another URL should be secure:
http://domain/admin/update-user
This URL should pass the authentication process.
Now, In my code, somewhere I need to know if the current path is a secure path or not (ple开发者_C百科ase don't ask why, and also by secure path I don't mean SSL, I'm just talking about paths for which login is required).
How can I know that HttpContext.Request.Url.AbsolutePath
is a secure path?
Update: What I need is something like:
SecurityHelper.ShouldCurrentRequestPathBeAuthenticated(Request.Url.AbsolutePath)
It depends on how you implement the authorization process. Somewhere you will need to define it, so that's how you know if it's secure path.
Standard ASP.NET would use the location/security settings in this case.
If your using standard authentication/authorization
then I believe you can use CheckUrlAccessForPrincipal.
UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, verb);
精彩评论