0

On my MVC4 internet application I am using the AccountController that comes by default along with roles etc.

So I have this controller in which I have defined roles to access the actions, example below.

public class SomeController : Controller
{
    private SomeDbContext db = new LookbookDbContext();

    //
    // GET: /Default1/
    [Authorize(Roles = "Administrator")]
    public ActionResult Index()
    {
        return View(db.SomeTable.ToList());
    }

...
}

What I wanted now is that, when a user/anonymous tries to access this Index action, they get a custom error view I have made instead of the login form.

I have added this but it just does nothing. I keep getting the login form page. I changed it, for testing purposes, to give me the default 401 error page but it doesn't work either.

public class CustomAuthorize : AuthorizeAttribute
{
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new HttpUnauthorizedResult();
    }
}
Jonathan Hall
fobia
  • this might help http://stackoverflow.com/questions/356982/how-to-redirect-to-a-dynamic-login-url-in-asp-net-mvc?rq=1 – Matt Bodily Sep 26 '13 at 16:00

3 Answers

0

Obviously, the first thing you need to do is make your custom view.

Now, I would recommend making an action filter to handle this:

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class AuthorizeAttribute : System.Web.Mvc.AuthorizeAttribute
{
    protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext.Request.IsAuthenticated)
        {
            filterContext.Result = new System.Web.Mvc.HttpStatusCodeResult((int)System.Net.HttpStatusCode.Forbidden);
        }
        else
        {
            filterContext.RequestContext.HttpContext.Response.Redirect("~/shared/error");
        }
    }
}
Botonomous
  • Where should I place that code? I added that class under the Filters folder and I'm still being redirected to the login page :/ – fobia Sep 27 '13 at 07:15
  • Standards suggest: Create a folder in your core solution called 'ActionFilters'. Place the class there. Be sure to register the action filter in App_Start.FilterConfig. – Botonomous Sep 27 '13 at 12:36
0

You should just be able to redirect to your custom error view from your attribute.

Example

public class UnAuthorizedRedirectAttribute : AuthorizeAttribute
{
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.RequestContext.HttpContext.Response.Redirect("~/error/no-bacon");
    }
}
Colin Bacon
0

NOTE: This answer was added to the question. I'm moving it here to conform to site guidelines.


What I was missing was the [CustomAuthorize] attribute on my Actions. Once I added that to the desired action, it worked.

Jonathan Hall
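An added example, not code from any of the posts above: one way to combine the points in this thread, returning the custom view by setting `filterContext.Result` (which stops the action from running) and keeping a real 401/403 status. Under forms authentication a plain 401 is rewritten into a redirect to the login URL, so the example suppresses that. It assumes .NET 4.5 or later for `SuppressFormsAuthenticationRedirect`; the view name `AccessDenied` and the class name are hypothetical.

```csharp
using System.Web.Mvc;

// Added example: hypothetical attribute that renders a custom view
// when authorization fails, instead of the forms-auth login redirect.
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
    // Assumed view name; Views/Shared/AccessDenied.cshtml must exist.
    private const string DeniedView = "AccessDenied";

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        var http = filterContext.HttpContext;

        // 403: signed in but lacking the required role.
        // 401: anonymous caller.
        http.Response.StatusCode = http.Request.IsAuthenticated ? 403 : 401;

        // Without this, FormsAuthenticationModule turns the 401 into a
        // 302 to the login URL at the end of the request (.NET 4.5+).
        http.Response.SuppressFormsAuthenticationRedirect = true;

        // Keep IIS from replacing the response body with its own error page.
        http.Response.TrySkipIisCustomErrors = true;

        // A non-null Result short-circuits the pipeline, so the protected
        // action never executes and no protected data is rendered.
        filterContext.Result = new ViewResult { ViewName = DeniedView };
    }
}

public class SomeController : Controller
{
    // The attribute only takes effect where it is applied: the stock
    // [Authorize] attribute keeps the default login redirect.
    [CustomAuthorize(Roles = "Administrator")]
    public ActionResult Index()
    {
        return View();
    }
}
```

If the attribute is registered as a global filter instead, mark the login and error actions with `[AllowAnonymous]` so they stay reachable.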