Home > Back-end >  asp.net mvc6 Authorization redirect do not work when user is not logged
asp.net mvc6 Authorization redirect do not work when user is not logged

Time:09-15

I am doing an ASP.NET Core MVC 6 App.

I am using Identity, Authorization...

I have a Controller method with [Authorize(Roles = "Internal")] like this

[Authorize(Roles = "Internal")]
        public IActionResult Student() => View();

I have set in program.cs this

builder.Services.ConfigureApplicationCookie(options =>
{
    options.Cookie.Name = ".AspNetCore.Identity.Application";
    options.AccessDeniedPath = "/Account/AccessDenied";
});

IF the logged user does not have External Role.. it redirects to Account Controller and render the AccessDenied View.

It works fine..

The problem I am facing is when there is no user logged. Instead of redirecting to /Account/AccessDenied, it redirects to a Login page similar to the Login Page created when scafollded in Identity folder.. I do not have it in the Application.. I do not know where it comes from...

How can I manage to redirect both cases to the same page?

Thanks

picture

CodePudding user response:

Try setting the LoginPath

builder.Services.ConfigureApplicationCookie(options =>
{
    options.LoginPath = "/Account/AccessDenied";
    options.AccessDeniedPath = "/Account/AccessDenied";
});
  • Related