Securing your ASP.NET MVC 4 App and the new AllowAnonymous Attribute - Ricka on MVC and... - 2 views
-
Jacques Bosch on 27 Mar 12"ASP.NET MVC 3 introduced global filters, which allows you to add the AuthorizeAttribute filter to the global.asax file to protect every action method of every controller. (In MVC versions prior to MVC 3, it was difficult to enforce the AuthorizeAttribute attribute be applied to all methods except login/register. See my previous blog on security for details.) The code below shows how to add the AuthorizeAttribute filter globally."