forum

home / developersection / forums / require authorization within whole asp .net mvc application

Ask Question

Require authorization within whole ASP .NET MVC application

marcel ethan 2135 15-Jan-2015

I create application where every action beside those which enable login should be out of limits for not logged user.

Should I add [Authorize] annotation before every class' headline? Like here:

namespace WebApplication2.Controllers {
[Authorize]
    public class HomeController : Controller {    
        public ActionResult Index() {
            return View();
        } 
        public ActionResult About() {
            ViewBag.Message = "Your application description page."; 
            return View();
        } 
        public ActionResult Contact() {
            ViewBag.Message = "Your contact page.";
 
            return View();
        }
    }
}

or there is a shortcut for this? What if I want to change rules for one and only action in particular controller?

asp.net c#  asp.net mvc  mvc5  authorization 
Updated on 15-Jan-2015
marcel ethan

Other

Follow
Can you answer this question?
Answer

1 Answers

Takeshi Okada

Takeshi Okada

15-Jan-2015

Simplest way is to add Authorize attribute in the filter config to apply it to every controller.

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());
 
        //Add this line
        filters.Add(new AuthorizeAttribute());
    }
}

Don't forget to add AllowAnonymous attribute when you need it to be accessible to non-logged in users.

advertising
advertising

Liked By

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy