Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ASP.Net MVC 3 Redirect UnAuthorized User not to loginUrl

Tags:

redirect

roles

asp.net-mvc-3

unauthorized

asp.net-membership

i have a project using ASP.Net MVC3 and using membership for roles. i use authorize in every controller. eg:

[Authorize(Roles = "Administrator")]
    public ActionResult Index(string q, int i)
    {
      return View(model);
    }

if someone doesnt have role for administrator, then it will redirect to login page by default. how to change it,so it will redirect into Views/Shared/UnAuthorize.cshtml ? or maybe if someone doesnt have role for administrator, it will show message box (alert) ?

thanks in advance.

like image 376
ntep vodka Avatar asked Oct 05 '11 02:10

ntep vodka

2 Answers

i solved my problem. i only do this :

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

public class MyAuthorize : AuthorizeAttribute
{
   protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
   {
     //you can change to any controller or html page.
     filterContext.Result = new RedirectResult("/cpanel/roles/unauthorize");

   }
 }

and apply MyAuthorize to class or action:

[MyAuthorize]
public class AdminController :Controller
{
}

thats it.

like image 89
ntep vodka Avatar answered Nov 11 '22 15:11

ntep vodka

Just change the page that have to be shown in the web.config (check that the route exists)

<authentication mode="Forms">
  <forms loginUrl="~/UnAuthorize" timeout="2880" />
</authentication>

If you, instead, want to redirect to a specific path for every roles you can extend the AuthorizeAttribute with your own. Something like this (not tested, I write this to give you an idea)

public class CheckAuthorize : ActionFilterAttribute
{
  public Roles[] Roles { get; set; }
  public override void OnActionExecuting(ActionExecutingContext filterContext)
  {
    //Your code to get the user
    var user = ((ControllerBase)filterContext.Controller).GetUser();

    if (user != null)
    {
      foreach (Role role in Roles)
      {
        if (role == user.Role)
          return;
      }
    }      
    RouteValueDictionary redirectTargetDictionary = new RouteValueDictionary();
    if user.Role==Role.Administrator
    {
      redirectTargetDictionary.Add("action", "Unauthorized");
      redirectTargetDictionary.Add("controller", "Home");
    }
    else
    {
      redirectTargetDictionary.Add("action", "Logon");
      redirectTargetDictionary.Add("controller", "Home");
    }
    filterContext.Result = new RedirectToRouteResult(redirectTargetDictionary);
  }
}
like image 39
Iridio Avatar answered Nov 11 '22 14:11

Iridio
Sign in to Comment

Related questions

What's the base class of a Razor View in ASP.NET MVC3
Preselect Items in Multiselect-Listbox (MVC3 Razor)
Can abstract class be a parameter in a controller's action?
JQuery 1.6 $('form').validate() not working in IE7 & IE8
Send Image From Controller To View In MVC3
Error storing Image in SQL CE 4.0 with ASP.NET MVC 3 and Entity Framework 4.1 Code First
Output razor string inside a string literal quotations
Form with attachments upload and email sending
Difference between Interface and Abstract class in terms of Decoupling?
NodaTime conversions (Part 2). How to?
difference between Html.BeginForm() and ajax.beginform()
Problem with model binder property type int
EntityType 'MyProfile' has no key defined. Define the key for this EntityType
Design Pattern Nomenclature & Clarification: Provider, Service, Broker
How to play the html5 video in IE8 Browsers
ASP.NET MVC3 Role and Permission Management -> With Runtime Permission Assignment
Linq Getting Customers group by date and then by their type
Can I have/chain more than 1 _Layout pages in MVC 3? for a cshtml page?
Posting to a list<modeltype> MVC3
ASP.Net MVC 3 Razor Response.Write position

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!