In a previous post, we talked about adding forms authentication to an ASP.NET project backed by Web API.
One of the caveats of this setup is that if you apply the
[Authorize] attribute to a controller or method, and the user is not authenticated, they get redirected to
~/login.aspx. This obviously doesn’t do well in an ASP.NET MVC context.
The fix is fairly trivial: open up
web.config and change
<authentication mode="Forms"> to this block:
<authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" /> </authentication>
This will change the URL to
~/Account/LogOn. This apparently didn’t work well in previous versions of ASP.NET MVC and required an additional
appSetting, but it seems to work fine in MVC5.