Home > DeveloperSection > Forums > Require authorization within whole ASP .NET MVC application
marcel ethan
marcel ethan

Total Post:105

Points:735
Posted on    January-15-2015 10:07 PM

 ASP.Net C#  ASP.NET MVC  Mvc5  Authorization 
Ratings:


 1 Reply(s)
 531  View(s)
Rate this:

I create application where every action beside those which enable login should be out of limits for not logged user.

Should I add [Authorize] annotation before every class' headline? Like here:

namespace WebApplication2.Controllers {

[Authorize]

    public class HomeController : Controller {

 

 

 

 

        public ActionResult Index() {

            return View();

        }

 

        public ActionResult About() {

            ViewBag.Message = "Your application description page.";

 

            return View();

        }

 

        public ActionResult Contact() {

            ViewBag.Message = "Your contact page.";

 

            return View();

        }

    }

}

or there is a shortcut for this? What if I want to change rules for one and only action in particular controller?



Takeshi Okada
Takeshi Okada

Total Post:89

Points:629
Posted on    January-15-2015 10:27 PM

Simplest way is to add Authorize attribute in the filter config to apply it to every controller.

public class FilterConfig

{

    public static void RegisterGlobalFilters(GlobalFilterCollection filters)

    {

        filters.Add(new HandleErrorAttribute());

 

        //Add this line

        filters.Add(new AuthorizeAttribute());

    }

}

Don't forget to add AllowAnonymous attribute when you need it to be accessible to non-logged in users.


Don't want to miss updates? Please click the below button!

Follow MindStick