Having different login pages for different ASP.NET MVC 3 areas

Question

Can I have different login URL for different ASP .NET MVC3 areas?

e.g. I would like to have different login page for Administrator and Data entry operators.

Answer 1

My solution was based on the solution presented by David Glenn, thanks.

public class CustomAuthorization : AuthorizeAttribute
{
    public string Url { get; set; }

    // redirect to login page with the original url as parameter.
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectResult(Url + "?returnUrl=" + filterContext.HttpContext.Request.Url.PathAndQuery);
    }
}

And add the Attribute to your controllers/actions

[CustomAuthorization(Url="/Area/Login")]
public class HomeController {
  //...
}

Is better use filterContext.Result than filterContext.HttpContext.Response.Redirect(Url) to redirect because the current filter will redirect immediately to the login page otherwise the original action will be called and only then redirected to login page.

Answer 2

I'm not aware of .NET handling this for you but you could create a custom AuthorizationAttribute

public class CustomAuthorization : AuthorizeAttribute {

  public string Url { get; set; }

  public override void OnAuthorization(AuthorizationContext filterContext) {

    if (!filterContext.HttpContext.User.Identity.IsAuthenticated) {
      filterContext.HttpContext.Response.Redirect(Url);
    }
    base.OnAuthorization(filterContext);

  }

}

An add that to your controllers/actions

[CustomAuthorization(Url="/Area/Login")]
public class HomeController {
  //...
}