I am doing an ASP.NET Core MVC 6 App.
I am using Identity, Authorization...
I have a Controller method with [Authorize(Roles = "Internal")] like this
[Authorize(Roles = "Internal")]
public IActionResult Student() => View();
I have set in program.cs this
builder.Services.ConfigureApplicationCookie(options =>
{
options.Cookie.Name = ".AspNetCore.Identity.Application";
options.AccessDeniedPath = "/Account/AccessDenied";
});
IF the logged user does not have External Role.. it redirects to Account Controller and render the AccessDenied View.
It works fine..
The problem I am facing is when there is no user logged. Instead of redirecting to /Account/AccessDenied
, it redirects to a Login page similar to the Login Page created when scafollded in Identity folder.. I do not have it in the Application.. I do not know where it comes from...
How can I manage to redirect both cases to the same page?
Thanks
CodePudding user response:
Try setting the LoginPath
builder.Services.ConfigureApplicationCookie(options =>
{
options.LoginPath = "/Account/AccessDenied";
options.AccessDeniedPath = "/Account/AccessDenied";
});