i have function named comments with attributes [Authorize(Roles="Admin,Users")]. I have edit button for comments. On the Edit function we have attribute [Authorize(Roles="Adm开发者_Go百科in")]. When User tries to access i want to throw a custom error page.I am not using forms authentication just roles provider. How can i redirect to custom error page.
Write a custom attribute
eg
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
private string[] UnAuthorizedRoles = new string[] { "USER" };
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
bool authorized = true;
foreach (string role in UnAuthorizedRoles)
{
if (httpContext.User.IsInRole(role))
{
authorized = false;
}
}
return authorized;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
// send to custom error page
}
}
精彩评论