ASP.NET MVC 4 custom Authorize attribute – How to redirect unauthorized users to error page? [duplicate]

You have to override the HandleUnauthorizedRequest as specified here. public class CustomAuthorize: AuthorizeAttribute { protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)     {         if(!filterContext.HttpContext.User.Identity.IsAuthenticated)         {             base.HandleUnauthorizedRequest(filterContext);         }         else         {             filterContext.Result = new RedirectToRouteResult(new             RouteValueDictionary(new{ controller = “Error”, action = “AccessDenied” }));         }     } } **Note: updated conditional statement Jan ’16

How to create ASP.NET Web API Url?

The ApiController has a property called Url which is of type System.Web.Http.Routing.UrlHelper which allows you to construct urls for api controllers. Example: public class ValuesController : ApiController { // GET /api/values public IEnumerable<string> Get() { // returns /api/values/123 string url = Url.Route(“DefaultApi”, new { controller = “values”, id = “123” }); return new string[] { … Read more

How do I use my own database with SimpleMembership and WebSecurity? What is MVC4 security all about?

See the summaries below each quote for a quick answer, and the paragraphs for detail. Also see the References section at the end for the authoritative sources. Summaries 1.What is SimpleMembership/SimpleMembershipProvider (WebMatrix.WebData) and what is it/are they responsible for? SimpleMembership (a term that covers both the SimpleMembershipProvider and SimpleRoleProvider) is responsible for providing a clean … Read more

ViewModels or ViewBag?

Basically, Should everything be done through the viewmodel or is it Ok to also incorporate viewbag? Everything should be done inside a view model. That’s what a view model is. A class that you specifically define to meet the requirements of your view. Don’t mix ViewBags with ViewModels. It is no longer clear for the … Read more

unobtrusive validation not working with dynamic content

If you try to parse a form that is already parsed it won’t update What you could do when you add dynamic element to the form is either You could remove the form’s validation and re validate it like this: var form = $(formSelector) .removeData(“validator”) /* added by the raw jquery.validate plugin */ .removeData(“unobtrusiveValidation”); /* … Read more

Role based authentication in the new MVC 4 Internet template using simplemembership

Found an answer here by Mehdi Golchin which seems to take care of: [Authorize(Roles=”admin,editor,publisher”)] If I also add this to the home controller: [InitializeSimpleMembership] Because this attribute is on the Accounts controller, SimpleMembership database gets initialize only after the first use of the accounts controller like login/register. Even when the current user gets logged in … Read more