OData / RESTier

A turn-key library for building RESTful services
http://odata.github.io/RESTier
Other
472 stars 135 forks source link

Authentication: "endpoint-wide" [Authorize], access to the current Principal ? #366

Closed ivanko2000 closed 8 years ago

ivanko2000 commented 8 years ago

This is a question; the answer might be obvious, but not to me, since I am a newbie...

I am experimenting with securing the RESTier endpoint with something as simple as Basic Authentication (e.g. using WebApi2 IAuthenticationFilter) and applying a simple filter to an entity set based on the authenticated user (Principal), with little success:

I would appreciate any advice or clarification.

rayao commented 8 years ago

Does Thread.CurrentPrinciple work?

ivanko2000 commented 8 years ago

Thread.CurrentPrincipal does indeed work. Thank you!

Found a solution for the second part of my question as well [WebApiConfig.Register: config.Filters.Add(new AuthorizeAttribute());]