"Authorize" attribute and 403 error page
Posted
by zerkms
on Stack Overflow
See other posts from Stack Overflow
or by zerkms
Published on 2010-04-05T14:04:33Z
Indexed on
2010/04/05
14:33 UTC
Read the original article
Hit count: 524
[Authorize] property is nice and handy MS invention, and I hope it can solve the issues I have now
To be more specific:
When current client isn't authenticated - [Authorize] redirects from secured action to logon page and after logon was successfull - brings user back, this is good.
But when current cilent already authenticated but not authorized to run specific action - all I need is to just display my general 403 page.
Is it possible without moving authorization logic within controller's body?
UPD: The behavior I need in should be semantically equals to this sketch:
public ActionResult DoWork()
{
if (!NotAuthorized())
{
return RedirectToAction("403");
}
return View();
}
so - there should no any redirect and url should be stay the same, but contents of the page should be replaced with 403-page
© Stack Overflow or respective owner