Different authentication mechanisms for different asp.net web api controllers

Question

I am building a RESTful webservice using ASP.NET web api. I have 2 controllers, for one controller I want to use Basic auth and for the other controller I want to use token based authentication. Is this possible?

thanks, Pradeep

Answer 1

Have a look at the new authentication filters in Web API v2. They are specifically made for the purpose to annotate controllers or actions with authentication methods.

Either you implement the authentication method right into the controller - or use OWIN/Katana to call back into authentication middleware.

See here for Basic Authentication middleware: https://github.com/thinktecture/Thinktecture.IdentityModel/tree/master/source/Thinktecture.IdentityModel.Owin/Basic%20Authentication