My MVC web application serves two types of users. First one over standard web browser Second one over REST returning only Json data. Both requires Authentication and authorization. Both scenarios are differentiated based on the route so that i know what content to serve.
When users access the application, if they are not logIn the application should react differently.
In the first case it should return the default LogIn page (this is fine)
In the second case it should return a Unauthorized code 401 only.
I'm used to work with WCF REST service where i could raise an exception like this
throw new WebProtocolException(System.Net.HttpStatusCode.Unauthorized, exc.Message, exc);
and receive an 401 message.
The problem is that within mvc when i put the statusCode like this
HttpContext.Response.StatusCode = (Int32)HttpStatusCode.Unauthorized
it always redirect to the login page.
How can i do this ?
i've tried overriding the AuthorizeAttribute and handling the OnAuthorization function but still as soon as i set the statusCode to 401 it get redirected to the log in page.