Public override void OnAuthorization(.HttpActionContext actionContext) In order to secure Products, the following steps needs to be taken: 1.Ĝreate a custom AuthorizeAttribute for the basic authenticationĪdd a class to your project as follows: public class HttpBasicAuthorizeAttribute : AuthorizeAttribute In this post, we implemented an OData API which has only one entity type Product and exposes only one entity set Products.
Suppose you already have a working OData service project. Supporting basic authentication over HTTPS is relatively easy for OData Web API. They MAY support other authentication methods.
OData Services requiring authentication SHOULD consider supporting basic authentication as specified in over HTTPS for the highest level of interoperability with generic clients. OData Protocol Version 4.0 has the following specification in section 12.1 Authentication: Secure an OData Web API using basic authentication over HTTPS The service library we use is ASP.NET Web API for OData V4.0. The authentication methods we use in this post is the basic authentication over HTTPS. That is to say, you may secure an OData API in any way you can secure a generic RESTful API. The fact is that using OData is orthogonal to authentication and authorization. The name “Open Data Protocol” and the way we evangelize it (by focusing on how open a protocol it is and how it provides interoperability) may give people the impression that OData APIs doesn’t work with authentication and authorization.
We’re often asked by people if OData APIs can be secured. OData AspNet WebApi V7# OData Webapi for Webapi supported Applies To:# OData WebApi v7 for aspnet webapi supported
0 kommentar(er)
