memberauthorize attribute throws 500 error not 403 error

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Huw Reddick 1932 posts 6722 karma points MVP 3x c-trib

Apr 01, 2021 @ 15:26

0

MemberAuthorize attribute throws 500 error in Views not a 403 error

Is there any reason that it throws a HttpException with a 500 status rather than a 403 error?

Copy Link
Huw Reddick 1932 posts 6722 karma points MVP 3x c-trib

Apr 01, 2021 @ 15:47

1

mmm, seems it does return a 403, however if it is a Html.RenderAction in a view the view errors with a 500 error :(

Copy Link
Huw Reddick 1932 posts 6722 karma points MVP 3x c-trib

Apr 01, 2021 @ 16:28
0
If anyone else needs this to work , I copied the Umbraco MemberAuthorizeAttribute code to create a CustomMemberAuthorizeAttribute and changed the HandleUnauthorizedRequest to set the filterContext rather than throw an exception
```
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    filterContext.Result = new HttpStatusCodeResult(403);
    //throw new HttpException(403, "Resource restricted: either member is not logged on or is not of a permitted type or group.");
}
```
Copy Link
is working on a reply...

This forum is in read-only mode while we transition to the new forum.

You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies