How to redirect to another page when user does not have authorization

0

I have my Custom AuthorizeAttribute .

It works perfectly the way I want, but it always directs the user to /Account/Login , I would like it to redirect to another page that I chose, since he does not have authorization, how do I do that?

Remembering is Authorization and not Authentication.

In the authentication page is correct, log in.

    
asked by anonymous 10.09.2014 / 23:55

2 answers

1

Based on this question .

Add the following method in CustomAuthorizationAttibute :

protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        if (string.IsNullOrEmpty(System.Web.HttpContext.Current.User.Identity.Name))
        {
            // A sessão está nula ou vazia, não existe usuário logado.
            filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary(
                new
                {
                    controller = "Home",
                    action = "Login"
                })
            );
        }
        else
        {
            // Usuário não tem permissão.
            filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary(
                new
                {
                    controller = "Home",
                    action = "NaoAutorizado"

                })
            );
        }
    }
    
11.09.2014 / 13:47
0

Normally redirect using MVC's redirect method.

And put a location tag in web.config by assigning anonymous authoring only to your action (url)

<location path="login/SessaoExpirada">
    <system.web>
        <authorization>
            <allow users="?" />
        </authorization>
    </system.web>
</location>
</configuration>
    
18.09.2014 / 20:00