gill23
Reputation: 633
AllowAnonymous attribute make Authorize ignored
I've a admin dashboard project that need global authorization and I set it up on
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new AuthorizeAttribute());
}
That code make all my controller is being authorize.. And there is a controller that has [AllowAnonymous] attribute.. However I've sudden change request that an action on this controller need to be authorize..
[AllowAnonymous]
public class AuthController : Controller
{
[Authorize(Roles = "Admin")]
public ActionResult BumbaSection()
{
return View();
}
}
This is not working, I still can access this BumbaSection action.. Any idea? Thanks
Upvotes: 1
Views: 1015
Answers (1)
gill23
Reputation: 633
After I peek the authorize code, This part of code make the authorize not working :
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
//code here
if (filterContext.ActionDescriptor.IsDefined(typeof (AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof (AllowAnonymousAttribute), true))
return;
//code here
}
Override this piece of code in authorize attribute class and my code is start working.. Maybe this will usefull for who that have some problem with me
Upvotes: 3
Related Questions
- Does AllowAnonymous override AuthorizeAttribute
- ASP.NET MVC AllowAnonymous Not working
- Get MVC AllowAnonymous to override custom authorize attribute
- Mvc AllowAnonymous not working
- Allowanonymous attribute does not work in asp.net mvc
- AllowAnonymous Attribute not working MVC 5
- AllowAnonymous not Working MVC5
- ASP .Net MVC 4 Authorize and AllowAnonymous
- AllowAnonymous attribute not applied, controller action still requires login
- ASP.NET MVC Authorize Attribute - NOT WORKING!