How to exclude one controller action from an authorized filter in ASP.NET MVC 3?

Question

How to exclude one controller action from an authorized filter in ASP.NET MVC 3?

In ASP.NET MVC 3, I can enable AuthorizeAttribute inside Global.asax RegisterGlobalFilters, and this applies to all controller actions. But how can I exclude some controller actions so that these actions can be called without user registration?

EDIT:

Sorry, additional question, if I add authorization in the class, how can I exclude one action?

+4

asp.net-mvc

Endy tjahjono Apr 4 '11 at 11:31

source share

1 answer

Darin Dimitrov · Accepted Answer · 2011-04-04T11:33:56+0000

You cannot do this with global filters. Because their name indicates => they are global.

One way is to have all controllers requiring authorization from a common base controller, decorated with the [Authorize] attribute. Controllers that do not require authorization will not receive from this base controller.

Another possibility in ASP.NET MVC 3 is to write a custom IFilterProvider that, based on context, will or will not be set filters. I would recommend you read the following blog post .

How to exclude one controller action from an authorized filter in ASP.NET MVC 3?

More articles: