0

I'm new to asp.net mvc and I was wondering if there was any clean non repetitive way of running a check to see whether a user is logged in when any Action Method on a particular controller is invoked? Also is there a way to stop that method from being invoked and redirecting the user to a specified page? I'm using a custom authentication method (not Membership Provider) and i'm having trouble finding examples for this type of implementation.

Thanks in advance

zSynopsis
  • 4,854
  • 21
  • 69
  • 106
  • 1
    This gets asked about once a week. Take a look at how tvanfosson deals with this. Works great for me: http://stackoverflow.com/questions/977071/redirecting-unauthorized-controller-in-asp-net-mvc/977112#977112 – KP. Oct 05 '09 at 11:29
  • 1
    The answers you're getting here (use AuthorizeAttribute, or a specialization thereof) are correct, but your question is wrong. You cannot test authorization *inside* an action method, because action results can be cached, and inside the method it's too late to do the test. AuthorizeAttribute interacts with caching in such a way that it will never serve cached results to unauthenticated users. – Craig Stuntz Oct 05 '09 at 13:46

1 Answers1

1

Check the [Authorize] attribute System.Web.Mvc.AuthorizeAttribute. Also, the template ASP.NET MVC application created in Visual Studio contains a controller illustrating authorization/authentication techniques.

Rudy
  • 920
  • 9
  • 19
  • Do you have any examples on how to use the Authorize attribute on a custom authentication? I'm not using ASP.Net's MembershipProvider and every article that i've come across regarding the Authorize attribute makes use of the Membership Provider. – zSynopsis Oct 05 '09 at 02:18