Is there a way to override the default 400 redirect (set in web.config) on a per-controller basis?
Say I have an Admin controller and an Account controller, each has a custom AuthorizeAttribute. There are two different login forms, and I need the admin controller to redirect to it's when AdminAuthorize attribute is false.
You could always implement your own authorization attribute:
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
var controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
var actionName = filterContext.ActionDescriptor.ActionName;
// TODO: Now that you know the controller name and the action name
// act accordingly or call the base method
}
}