Kumar
Reputation:
asp.net mvc Not authorized response is blank page?
If i'm not authorized on a controller action, i am getting a blank page and no error message? I'd like to display a message of some sort, Here's my setup:
class MyAuth : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (!httpContext.User.Identity.IsAuthenticated)
return false;
return MyIsCurrentUserInRoles(Roles.Split(",".ToCharArray()));
}
}
used as
[Myauth(Roles="admin")]
class MyController: Controller
{
}
and the result is blank page when i'm not authorized ?
Is that the default behaviour ? if so, what where do i change it to produce a unauth message ?
Upvotes: 8
Views: 5387
Answers (2)
Rajesh
Reputation: 2502
You can override HandleUnauthorized like AuthorizeCore to say redirect to NoAccess page.
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "controller", "NoAuthPages" },
{ "action", "NoAccess" }
});
}
Upvotes: 2
Rhys Jones
Reputation: 4003
Yes, this is the default behaviour when running in the ASP.Net Development Server:
ASP.Net MVC Authorisation action filter
You can redirect it to a page by editing the web.config to include a redirect for error 401:
<customErrors defaultRedirect="ErrorPage.aspx" mode="On">
<error statusCode="401" redirect="AccessDenied.aspx" />
</customErrors>
Upvotes: 8
Related Questions
- Razor page authorization not loading page when user is authenticated
- View is rendered even the request is unauthorized
- ASP.NET mvc 3 Anonymous Authorization not working
- Authorization not working in ASP.NET MVC 5
- IIS serving up a blank page when returning a 401
- Asp.Net MVC 4 User is authenticated even if not authorized
- ASP.NET MVC 401 - Unathorized not prompting for login
- MVC3 Redirect to "Unauthorized" page not working?
- Cannot access Page without authentication
- Problem with Authorization with IIS and MVC