I have an MVC 2 application that every page requires authorization on (except currently for /Account/Logon), but I would prefer that instead of it forwarding to "/Account/LogOn?ReturnUrl=/SomePage" to authenticate the user, that it would just show the login form instead on the page the user requested so the URL doesn't change
I already have a BaseController that almost every other controller inherits that I use for other purposes where I am already putting my AuthorizeAttribute (changed for brevity):
[Authorize(Roles = "Role1, Role2")]
public class BaseController : Controller
{
}
My initial thought for a slick solution would be to override the AuthorizeAttribute class in a fashion that would look something like this:
public class AuthorizeWithLoginAttribute : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
//This doesn't work obviously
filterContext.Result = View("Logon");
}
}
Then I could simply change my above controller to:
[AuthorizeWithLogin(Roles = "Role1, Role2")]
public class BaseController : Controller
{
}
Is there a way to actually make this work? (This is my first post fyi)