Can I disable filter authentication on a single action in MVC 5?

Question

Can I disable filter authentication on a single action in MVC 5?

[AuthenticateUser] public class HomeController : Controller { // // GET: /Home/ public ActionResult Index() { return View(); } [AllowAnonymous] public ActionResult List() { return View(); } }

How to remove authentication for an action named List? Please inform ...

Custom filter modification as shown below. I also inherited the FilterAttribute call. Please inform about

 public class AuthenticateUserAttribute: FilterAttribute, IAuthenticationFilter { public void OnAuthentication(AuthenticationContext context) { if (this.IsAnonymousAction(context)) { } if (user == "user") { // do nothing } else { context.Result = new HttpUnauthorizedResult(); // mark unauthorized } } public void OnAuthenticationChallenge(AuthenticationChallengeContext context) { if (context.Result == null || context.Result is HttpUnauthorizedResult) { context.Result = new RedirectToRouteResult("Default", new System.Web.Routing.RouteValueDictionary{ {"controller", "Home"}, {"action", "List"}, {"returnUrl", context.HttpContext.Request.RawUrl} }); } } }

The following error code is generated in the code below: Error 1 The best overloaded method match for 'MVC5Features.Filters.AuthenticateUserAttribute.IsAnonymousAction (System.Web.Mvc.AuthorizationContext)' has some invalid arguments c: \ users \ kirupananthan.g \ documents \ visual studio 2013 \ Projects \ MVC5Features \ MVC5Features \ Filters \ AuthenticateUserAttribute.cs 16 17 MVC5Features Error 2 Argument 1: Cannot convert from "System.Web.Mvc.Filters.AuthenticationContext" to "System.Web.Mvc.AuthorizationContext" c: users \ kirupananthan.g \ documents \ visual studio 2013 \ Projects \ MVC5Features \ MVC5Features \ Filters \ AuthenticateUserAttribute.cs 16 40 MVC5Features

 if (this.IsAnonymousAction(context))

+5

c # .net asp.net asp.net-mvc asp.net-mvc-5

Kirupananthan.GS Oct 30 '14 at 12:00

source share

5 answers

Try

 [AllowAnonymous]

Attribute

+1

severin Oct 30 '14 at 12:03

source share

Perhaps if you specify a specific user group for this action and in your custom authentication filter, allow this group for everything.

0

e4rthdog Oct 30 '14 at 12:21

source share

In MVC 5, and I quote http://www.dotnetcurry.com/showarticle.aspx?ID=975 The CustomOverrideAuthorizationAttribute class inherits from the FilterAttribute class and implements IOverrideFilter. This interface is used to determine the filters used on the controller. The FiltersToOverride property returns type IAuthorizationFilter. This means that the authorization filter applied to the parent (controller or global application class) will be redefined

0

Bilal Oct 30 '14 at 12:24

source share

I believe that you should remove the attribute from the controller and place it on every action method except List.

0

The rural juror Oct 30 '14 at 12:56

source share

user2160375 · Accepted Answer · 2014-10-30T12:19:06+0000

Since this is your custom filter, you can expand it to handle AllowAnonymous (if you don't want to use AllowAnonymous, yoy can create his own fe NoAuthentication):

 public class AuthenticateUser : IAuthenticationFilter { public void OnAuthentication(AuthenticationContext filterContext) { if (this.IsAnonymousAction(filterContext)) { return; } // some code } private bool IsAnonymousAction(AuthenticationContext filterContext) { return filterContext.ActionDescriptor .GetCustomAttributes(inherit: true) .OfType<AllowAnonymousAttribute>() //or any attr. you want .Any(); } }

Can I disable filter authentication on a single action in MVC 5?

More articles: