Authorize in ASP mvc4

Question

I have actions in different controllers which are decorated with [Authorize(Roles = "admin")] and they are working fine.But the problem is that they always redirect to login page even if the user is loged in.for example following actions redirect to login page even if the user is loged in

[Authorize(Roles = "admin")]
    [HttpPost, ActionName("Delete")]
    public ActionResult DeleteConfirmed(int id)
    {
        VAT vat = db.VAT.Find(id);
        db.VAT.Remove(vat);
        db.SaveChanges();
        return RedirectToAction("Index");
    }

Can I redirect to other page if user is loged in or stop redirecting the page

score 0 · Accepted Answer · edited May 23 '17 at 11:57

Debug your application and check roles assigned to user for which they are redirecting if they are not having admin roles then it will redirect to the login page.

Another thing you can do is that you can redirect to separate page saying "You don't have rights to view this page" or something like this.

Also following question answer might help you. Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?

score -1 · Answer 2 · edited May 23 '17 at 12:11

-1

How to redirect [Authorize] to loginUrl only when Roles are not used?

Possibly the answer you're looking for.

edited May 23 '17 at 12:11

Community

1
1

answered Mar 20 '14 at 12:24

Joakim Andersson

37
4

Authorize in ASP mvc4

2 Answers2