Mvc 3 session and authorizeAttribute

First define an ActionFilter :

 public class TheFilter: ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { var session = filterContext.HttpContext.Session; if ((bool?)session["IsManager"] == true) return; //Redirect him to somewhere. var redirectTarget = new RouteValueDictionary {{"action", "{ActionName}"}, {"controller", "{ControllerName}"}}; filterContext.Result = new RedirectToRouteResult(redirectTarget); } } 

Then use it on a limited action (or controller):

 //[TheFilter] public class ManagersController : Controller { [TheFilter] public ActionResult Foo() { ... return View(); } }