Security

ASP.NET MVC 5: Custom AuthorizeAttribute for custom authentication

In a previous post I wrote about how you can should protect your web app from human errors made by developers, by enforcing authentication by default.

Since adding the AuthorizeAttribute to every action involves global filters, we can use that to add our own custom authentication, by inheriting AuthorizeAttributeand overriding the AuthorizeCore and HandleUnauthorizeRequest methods.

Read More »ASP.NET MVC 5: Custom AuthorizeAttribute for custom authentication