90a*_*yss 5 c# asp.net-mvc action-filter
我正在尝试审核控制器上的动作事件.我想跟踪经过身份验证的用户名,他的IP地址和被调用的控制器操作.
我的过滤码:
public class AuditAttribute : System.Web.Http.Filters.ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext filterContext)
{
var request = filterContext.Request;
// get user name + ip address + controlleraction
base.OnActionExecuting(filterContext);
}
我在互联网上搜索只看到如何为Mvc而不是HTTP做的例子.例如,这里的链接讨论了如何审核Mvc的事件:http: //rion.io/2013/03/03/implementing-audit-trails-using-asp-net-mvc-actionfilters/
然而,这个链接讨论了如何捕获HTTP Web应用程序的IP地址:在Web API身份验证过滤器中捕获请求IP地址 但我很难遵循它.不确定将此代码放在哪里.
感谢您的帮助.
Vin*_*nod 15
尝试使用以下代码.
更新: 对于asp.net web api,请试试这个
public class AuditAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
var context = actionContext.RequestContext;
var user = context.Principal.Identity.IsAuthenticated ? context.Principal.Identity.Name : string.Empty;
var ip = GetClientIpAddress(actionContext.Request);
var action = actionContext.ActionDescriptor.ActionName;
var controller = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
base.OnActionExecuting(actionContext);
}
private string GetClientIpAddress(HttpRequestMessage request)
{
if (request.Properties.ContainsKey("MS_HttpContext"))
{
return IPAddress.Parse(((HttpContextBase)request.Properties["MS_HttpContext"]).Request.UserHostAddress).ToString();
}
if (request.Properties.ContainsKey("MS_OwinContext"))
{
return IPAddress.Parse(((OwinContext)request.Properties["MS_OwinContext"]).Request.RemoteIpAddress).ToString();
}
return String.Empty;
}
}
对于asp.net MVC,你可以试试这个
public class AuditAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
// get user name + ip address + controlleraction
var controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
var action = filterContext.ActionDescriptor.ActionName;
var ip = filterContext.HttpContext.Request.UserHostAddress;
var dateTime = filterContext.HttpContext.Timestamp;
var user = GetUserName(filterContext.HttpContext);
}
private string GetUserName(HttpContext httpContext)
{
var userName = string.Empty;
var context = httpContext.Current;
if (context != null && context.User != null && context.User.Identity.IsAuthenticated)
{
userName = context.User.Identity.Name;
}
else
{
var threadPincipal = Thread.CurrentPrincipal;
if (threadPincipal != null && threadPincipal.Identity.IsAuthenticated)
{
userName = threadPincipal.Identity.Name;
}
}
return userName;
}
}
更新2:检索客户端IP地址始终是一件棘手的事情,因为有许多因素需要考虑.客户如何访问该应用程序?他们是通过代理服务器来的吗?IP地址可能是欺骗性的,因此没有100%可靠的方法.查看Http Headers将为您提供web api和mvc的一定程度的成功.但是你总是要考虑到客户端IP无效的情况.
try this
using System.Web;
and use this
HttpContext.Current.Request.UserHostAddress
| 归档时间: |
|
| 查看次数: |
7261 次 |
| 最近记录: |