New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AllowAnonymous Requests #18

Open

kijanawoodard opened this issue May 19, 2012 · 1 comment

kijanawoodard commented May 19, 2012

MVC4 project.
GlobalFilters: filters.Add(new System.Web.Mvc.AuthorizeAttribute());

The vast majority of my pages are secured so this works well.

I have the AllowAnonymous attribute on my Login page and a landing page.

Moth makes it's requests through a controller so the requests are blocked unless the user is logged in.

I'm faced with making "manual" stylesheet requests for unsecured pages or turning off global security and "manually" securing most of my controllers.

Could the Moth resource controllers have the AllowAnonymous attribute applied?

Author

kijanawoodard commented May 19, 2012

I'm using the following class to open up Moth. Maybe this is good enough?

public class CustomAuthorizeAttribute : System.Web.Mvc.AuthorizeAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (!(filterContext.Controller is ResourcesController))
            base.OnAuthorization(filterContext);
    }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment