I've wrote a Custom Role Provider :
public class CustomRoleProvider : RoleProvider
{
public override string[] GetRolesForUser(string username)
{
var rolesService = ObjectFactory.GetInstance<IRoleService>();
return rolesService.GetRolesForUser(username.ToInt());
}
public override bool IsUserInRole(string username, string roleName)
{
var rolesService = ObjectFactory.GetInstance<IRoleService>();
return rolesService.IsUserInRole(username.ToInt(), roleName);
}
//....
}
and registered in web.config
:
<roleManager enabled="true" defaultProvider="CustomRoleProvider">
<providers>
<clear/>
<add name="CustomRoleProvider"
type="PooyanTKD.Web.Infrastructure.CustomRoleProvider"
connectionStringName="DefaultConnection"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" />
</providers>
</roleManager>
And I've wrote a Custom Authorize Attribute :
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class SiteAuthorizeAttribute : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.Request.IsAuthenticated)
{
throw new UnauthorizedAccessException(); //to avoid multiple redirects
}
else
{
base.HandleUnauthorizedRequest(filterContext);
}
}
}
but when I decorate my Controller or action method with [SiteAuthorize(Roles="Admins")]
after login I'm getting this error :
Attempted to perform an unauthorized operation.
Source Error :
Line 14: if (filterContext.HttpContext.Request.IsAuthenticated)
Line 15: {
Line 16: throw new UnauthorizedAccessException(); //to avoid multiple redirects
Line 17: }
Line 18: else
I've trouble finding out my problem and screwed me up, can anyone help me to figure out where is my problem?
PS : when I check value of User.Identity.Name
in other view it's 0, also I check my authentication type in web.config
:
<forms name="Sir1Afifi2013"
cookieless="UseCookies"
loginUrl="~/Account/LogOn"
defaultUrl="~/Admin/Main"
slidingExpiration="true"
protection="All"
path="/"
timeout="20" />
</authentication>
Thanks in Advance