forum

Home / DeveloperSection / Forums / ASP.Net MVC: Can the AuthorizeAttribute be overriden?

ASP.Net MVC: Can the AuthorizeAttribute be overriden?

Anonymous User 1818 21-May-2015

As this is an internal application most of the pages are private and only viewable to the role "Admin". As I have a base controller I can do this:

[Authorize(Roles="Admin")]
public abstract class MyControllerBase : Controller
{
     ...
}

I have a problem though as some of the actions are viewable on a public website and if I attribute them like so:

[Authorize(Roles
= "Public")]
public class LoginController : MyController
{
      public ActionResult Index()
      {
 
      }
}

The page fails to load as the user isn't authenticated. It would seem the Role of "Public is being ignored on the inherited class. Does anyone know if the roles can be overridden by inherited classes?

I am also trying to avoid attributing all the controllers with Roles="Admin"


Updated on 21-May-2015
I am a content writter !

Can you answer this question?


Answer

1 Answers

Liked By