Reputation: 4400
MVC Authentication bypass for a single controller/action
I am using MVC with forms authentication and i need authentication bypass for one of my controllers, is it possible to bypass authentication for Cotroller(s)/Action(s). I have been through ASP.NET MVC Forms authentication and unauthenticated controller actions , but i dont want to restrict any action for a user/role , i want to allow it anonymously.
Can anyone help in this regard.
Upvotes: 8
Views: 12123
Answers (2)
Reputation: 21
Go through the following blog, it worked for me:
http://blog.tomasjansson.com/securing-your-asp-net-mvc-3-application
Upvotes: 1
Reputation: 813
The location tag solution posted on the page you linked to actually does work for MVC. The authorization controls around that kick in before the MVC framework has a chance to handle the request:
<configuration>
<location path="~/MyAnonymousController">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
</configuration>
Also note that you can put web.config files in sub-directories in your app. So for example, you can put your anonymous-access controller in it's own sub-directory and add a web.config in that directory with a location tag to allow anonymous access to everything in that directory: Web.config: Wildcards in location and authorization
Upvotes: 7
Related Questions
- MVC Authentication bypass for a controller/action
- How to skip forms authentication to some controller actions in asp.net MVC
- MVC Authentication - Easiest Way
- Bypass windows authentication on a controller MVC
- ASP.NET MVC 4 Applying Windows Authentication to a single Controller?
- Best way of preventing access to an action in mvc
- MVC Skip Controller Authentication Use Action
- How can I use my own authentication mechanism but leverage ASP.NET MVC authorization?
- Require re-authentication for certain actions
- Custom Authentication on a Controllers Action Methods