64129

Authorize attributes not working in MVC 4

In my application i am using

System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=2.0.0.0

as my membership provider and here my Account Controller code

[HttpPost] public ActionResult Login(string username,string password) { var result = Membership.ValidateUser(username, password); if(result) { var user = Membership.GetUser(username); var roles = Roles.GetRolesForUser(username); var isDistributor = roles.Any(x => x.ToUpper() == "DISTRIBUTOR"); if (isDistributor) return RedirectToAction("ShowCurrentDistributor", "Distributor"); } else { TempData["error"] = "Invalid login attempt"; } return View(); }

And my ShowCurrentDistributor action code:

[HttpGet] [Authorize(Roles = "Distributor")] public ActionResult ShowCurrentDistributor() { var distributor = _distributer.GetDistributerbyEmail(User.Identity.Name); return View(distributor); }

But when i call <strong>ShowCurrentDistributor</strong> method, authorization not working. it always return back to my login form even i passed authentication with valid role( Distributor). Whats wrong with my code

Answer1:

You need to add the following line after successful validation:

FormsAuthentication.SetAuthCookie(username,true);

(answered in question comments by the original poster)

Recommend

  • jquery prevent form from submiting if ajax error exists
  • Jax-RS Filter pass object to resource
  • Removing scripts added by ClientScript.RegisterStartupScript
  • Custom Membership/Role/Profile Providers WITHOUT inheriting the MembershipProvider, RoleProvider, et
  • How do I invalidate a bad authentication cookie early in the request?
  • Python. How to optimize search functions
  • SimpleMembershipProvider in MVC4 throws NotSupportedException on methods when initialized
  • simplemembership MVC4 get username by userId
  • second dropdown menu not selected
  • array from php to JavaScript
  • How to check if a RxJS Observable contains a string in Angular2?
  • How to use AWS roles with Packer to create AMIs
  • How would you audit ASP.NET Membership tables, while recording what user made the changes?
  • Angular2 How to display localStorage value inside HTML5 template?
  • Handle Authentication and Authorization in jax-rs webservice with cxf
  • Laravel 5.1 Multitenancy setup
  • Symfony2 plaintext users don't work
  • Can't access Tomcat 7 Manager app when running from Eclipse
  • Is it better to have roles as a column on my users table, or do it through join tables (Roles &
  • Authentication in Play! and RestEasy
  • MongoError: Incorrect arguments
  • Django rest serializer Breaks when data exists
  • Can I have the cursor start on a particular column by default in jqgrid's edit mode?
  • Can a Chrome extension content script make an jQuery AJAX request for an html file that is itself a
  • what is the difference between the asp.net mvc application and asp.net web application
  • Upload files with Ajax and Jquery
  • Apache 2.4 - remove | delete | uninstall
  • Numpy divide by zero. Why?
  • php design question - will a Helper help here?
  • How to delete a row from a dynamic generate table using jquery?
  • AngularJs get employee from factory
  • using HTMLImports.whenReady not working in chrome
  • Turn off referential integrity in Derby? is it possible?
  • IndexOutOfRangeException on multidimensional array despite using GetLength check
  • Authorize attributes not working in MVC 4
  • EntityFramework adding new object to nested object collection
  • Busy indicator not showing up in wpf window [duplicate]
  • UserPrincipal.Current returns apppool on IIS
  • Python/Django TangoWithDjango Models and Databases
  • Net Present Value in Excel for Grouped Recurring CF