Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • ASP.NET : Use of AllowAnonymous attribute

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 1.05k
    Comment on it

    The AllowAnonymous attribute was introduced in ASP.NET MVC 4.This attribute is used for specifying those controller actions that can be accessed by anonymous users. For using this attribute we

    use a global authentication filter for the application and only allow anonymous access to the login/registraation page. Earlier we had to apply the authorize filter to every controller in the

    application.

    Following example code shows a typical usage of AllowAnonymous attribute.

    [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {
        ViewBag.ReturnUrl = returnUrl;
        return View();
    }

    To add a global authorization filter ,add the following line to the Application_Start method in the global.asax file:

    GlobalConfiguration.Configuration.Filters.Add(new System.Web.Http.AuthorizeAttribute());

    The above piece of code will secure the entire website.For ensuring that login/registration page are accessible to anonymous users they are decorated with AllowAnonymous attribute as below:

    [AllowAnonymous]
     public ActionResult Login(string returnUrl)
    [HttpPost]
     [AllowAnonymous]
     [ValidateAntiForgeryToken]
     public ActionResult Login(LoginModel model, string returnUrl)
    [AllowAnonymous]
     public ActionResult Register()
    [HttpPost]
     [AllowAnonymous]
     [ValidateAntiForgeryToken]
     public ActionResult Register(RegisterModel model)

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: