Menu
I am using MVC with forms authentication and i need authentication bypass for one of my controllers, is it possible to bypass authentication for Cotroller(s)/Action(s). I have been through ASP.NET MVC Forms authentication and unauthenticated controller actions , but i dont want to restrict any action for a user/role , i want to allow it anonymously.
Can anyone help in this regard.
926
The location tag solution posted on the page you linked to actually does work for MVC. The authorization controls around that kick in before the MVC framework has a chance to handle the request:
<configuration>
<location path="~/MyAnonymousController">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
</configuration>
Also note that you can put web.config files in sub-directories in your app. So for example, you can put your anonymous-access controller in it's own sub-directory and add a web.config in that directory with a location tag to allow anonymous access to everything in that directory: Web.config: Wildcards in location and authorization
146
Go through the following blog, it worked for me:
http://blog.tomasjansson.com/securing-your-asp-net-mvc-3-application
34
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
