Home/ Questions/Q 910577
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T17:04:03+00:00

I have an MVC 2 application that every page requires authorization on (except currently

  • 0

I have an MVC 2 application that every page requires authorization on (except currently for /Account/Logon), but I would prefer that instead of it forwarding to “/Account/LogOn?ReturnUrl=/SomePage” to authenticate the user, that it would just show the login form instead on the page the user requested so the URL doesn’t change

I already have a BaseController that almost every other controller inherits that I use for other purposes where I am already putting my AuthorizeAttribute (changed for brevity):

[Authorize(Roles = "Role1, Role2")]
public class BaseController : Controller
{

}

My initial thought for a slick solution would be to override the AuthorizeAttribute class in a fashion that would look something like this:

public class AuthorizeWithLoginAttribute : AuthorizeAttribute
{
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        //This doesn't work obviously
        filterContext.Result = View("Logon");
    }
}

Then I could simply change my above controller to:

[AuthorizeWithLogin(Roles = "Role1, Role2")]
public class BaseController : Controller
{

}

Is there a way to actually make this work? (This is my first post fyi)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Could you do something in a base controller like

    if(!User.Identity.IsInRole("Role1", "Role2")
{ 
    return View("Logon")
}
return;
    • 0