Class BasicAuthenticationFilter

Generic Basic Authentication filter that checks for basic authentication headers and challenges for authentication if no authentication is provided Sets the Thread Principle with a GenericAuthenticationPrincipal.

You can override the OnAuthorize method for custom auth logic that might be application specific.

System.Object
  System.Attribute
    System.Web.Http.Filters.FilterAttribute
      System.Web.Http.Filters.AuthorizationFilterAttribute
        Westwind.Web.WebApi.BasicAuthenticationFilter
public class BasicAuthenticationFilter : AuthorizationFilterAttribute

Remarks

Always remember that Basic Authentication passes username and passwords from client to server in plain text, so make sure SSL is used with basic auth to encode the Authorization header on all requests (not just the login).

Class Members

MemberDescription

Constructor

OnAuthorization

Override to Web API filter method to handle Basic Auth check

public virtual void OnAuthorization(HttpActionContext actionContext)

Requirements

Namespace: Westwind.Web.WebApi
Assembly: westwind.web.webapi.dll

© West Wind Technologies, 1996-2016 • Updated: 12/12/15
Comment or report problem with topic