Does anyone successfully use the Authorize and RequireSSL attributes (from MVC futures) together on the controller? I created a controller for which I must enforce the rule in which the user must log in and use a secure connection to execute it. If the user is not in a secure connection, I want the application to be redirected to https, so I use Redirect = true in the RequireSSL attribute. The code looks something like this: CheckPasswordExpired is my native attribute):
[Authorize]
[RequireSsl(Redirect = true)]
[CheckPasswordExpired(ActionName = "ChangePassword",
ControllerName = "Account")]
[HandleError]
public class ActionsController : Controller
{
....
}
mysite.com/Actions/Index is the default route for the site, as well as the default page for redirecting forms authentication.
http://mysite.com, , , , . HTTP 400 (Bad Request). http://mysite.com/Account/Login, , , [].
- ?
!