I have several implementations IHttpHandlerwhere they can, if necessary, apply authentication to them.
I initially performed my own basic authentication, but now I would like to use the capabilities of IIS so that the user performing the deployment can control what type of authentication they use, and the handlers just look to see if the current user is allowed to perform the actions they request.
Determining whether the user can perform the action and return 401/403 is simple enough, but I cannot figure out how to get IIS to add a response to the appropriate HTTP headers that asks the client to send back the authority. I can add them manually, but then I can really implement basic authentication (this is what I did initially), and that brings me back to the square.
Is there any magic method that I can call that tells me to HttpContextadd the appropriate headers to the response?
And, as a rule, this is what I try to do even possible, without resorting to implementing IHttpModuleASP.Net page life cycle authentication events to intervene in authentication events?
source
share