daohualiuxiang
/
AspNetCore.Docs
mirror of https://github.com/dotnet/AspNetCore.Docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add heading for handler registration (#4663) 

* add heading for handler registration

this will allow for an anchor link (I think, I know ## does, hoping ### does too).  this will help to fix "Illegal link: `[Authorization handlers must be registered](policies.md#security-authorization-policies-based-handler-registration)` -- missing bookmark." on aspnetcore/security/authorization/dependencyinjection.md

reference: https://opbuildstorageprod.blob.core.windows.net/report/2017%5C10%5C13%5C6a0d29ae-bb37-09f1-c55a-4cfa862c6784%5CPullRequest%5C201710131248087361-4562%5Cworkflow_report.html?sv=2015-02-21&sr=b&sig=GbG0qgcJNtJMXYbbzHZqcp2BJNdAKtUYmbwoSscw5IY%3D&st=2017-10-13T12%3A50%3A41Z&se=2017-11-13T12%3A55%3A41Z&sp=r

* change title to sentence case

* change ## titles to sentence case
pull/4675/head
Michael DePouw 2017-10-30 14:11:00 -04:00 committed by Scott Addie
parent 3636765f02
commit 5b1257452b
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
aspnetcore/security/authorization/policies.md
View File

@ -1,5 +1,5 @@
---
title: Custom Policy-Based Authorization
title: Custom policy-based authorization
author: rick-anderson
description:
keywords: ASP.NET Core,
@ -12,7 +12,7 @@ ms.technology: aspnet
ms.prod: asp.net-core
uid: security/authorization/policies
---
# Custom Policy-Based Authorization
# Custom policy-based authorization
<a name="security-authorization-policies-based"></a>
@ -71,7 +71,7 @@ A requirement doesn't need to have data or properties.
<a name="security-authorization-policies-based-authorization-handler"></a>
## Authorization Handlers
## Authorization handlers
An authorization handler is responsible for the evaluation of any properties of a requirement. The authorization handler must evaluate them against a provided `AuthorizationHandlerContext` to decide if authorization is allowed. A requirement can have [multiple handlers](policies.md#security-authorization-policies-based-multiple-handlers). Handlers must inherit `AuthorizationHandler<T>` where T is the requirement it handles.
@ -113,6 +113,7 @@ In the code above we first look to see if the current user principal has a date
<a name="security-authorization-policies-based-handler-registration"></a>
### Handler registration
Handlers must be registered in the services collection during configuration, for example;
```csharp
@ -206,7 +207,7 @@ services.AddAuthorization(options =>
}
```
## Accessing MVC Request Context In Handlers
## Accessing MVC request context in handlers
The `Handle` method you must implement in an authorization handler has two parameters, an `AuthorizationContext` and the `Requirement` you are handling. Frameworks such as MVC or Jabbr are free to add any object to the `Resource` property on the `AuthorizationContext` to pass through extra information.