What is the difference between the following two ways of accessing the principle via an AuthorizeAttribute
implementation?
Using HttpContext
:
protected override bool IsAuthorized(HttpActionContext actionContext)
{
return HttpContext.Current.User.IsInRole("DemoRole");
}
Using HttpActionContext
:
protected override bool IsAuthorized(HttpActionContext actionContext)
{
return actionContext.RequestContext.Principal.IsInRole("DemoRole");
}
来源:https://stackoverflow.com/questions/28235979/web-api-2-httpcontext-or-httpactioncontext