"Authorize" attribute and 403 error page

Posted by zerkms on Stack Overflow See other posts from Stack Overflow or by zerkms
Published on 2010-04-05T14:04:33Z Indexed on 2010/04/05 14:33 UTC
Read the original article Hit count: 524

[Authorize] property is nice and handy MS invention, and I hope it can solve the issues I have now

To be more specific:

When current client isn't authenticated - [Authorize] redirects from secured action to logon page and after logon was successfull - brings user back, this is good.

But when current cilent already authenticated but not authorized to run specific action - all I need is to just display my general 403 page.

Is it possible without moving authorization logic within controller's body?

UPD: The behavior I need in should be semantically equals to this sketch:

public ActionResult DoWork()
{
    if (!NotAuthorized())
    {
        return RedirectToAction("403");
    }

    return View();
}

so - there should no any redirect and url should be stay the same, but contents of the page should be replaced with 403-page

© Stack Overflow or respective owner

Related posts about .NET

Related posts about asp.net-mvc