Home/ Questions/Q 6763109
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T14:26:15+00:00

So far I’ve seen the main advice for applying authorization rules consists of adding

  • 0

So far I’ve seen the main advice for applying authorization rules consists of adding various attributes to actions. Which is fine if the majority of your actions don’t require authorisation.

However my application entirely exists behind a login form, so for me it makes sense to have all actions require authorisation by default.

Is there a way to do this without having to annotate every method?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    1. You can dictate the login via the web.config.
    2. You can derive all your controllers from a common base controller which either has an attribute over it, or override the OnAuthorization method.
    3. Implement the Application_AuthenticateRequest in the Global.asax.
    • 0