Using Net Web 4.5.1
Started off trying to configure a rule on the default document (i.e. index.html):
routes.MapPageRoute(
"Default",
"",
"~/Statics/anybody.html"
);
If during debug locally I want (without extensions)
http://localhost:52065
to go to
http://localhost:52065/Statics/anybody.html
Down the road I want any request that isn't authorized to be directed to the splash page (i.e. /Statics/anybody.html).
I'm hesitant to post this, but, this is how you could do it:
public class AuthenticatedConstraint : IRouteConstraint
{
public bool Match(HttpContextBase httpContext, Route route, string parameterName, RouteValueDictionary values,
RouteDirection routeDirection)
{
return httpContext.Request.IsAuthenticated;
}
}
Then you could use the following routes:
routes.MapRoute(name: "Default",
url: "{*url}",
defaults: "~/Statics/anybody.html", constraints: new AuthenticatedConstraint());
routes.MapRoute(name: "DefaultNotAuthenticated",
url: "{*url}",
defaults: "~/Statics/notauth.html");
The first one would match any authenticated request, and return it to the anybody.html document; the second one would match all unauthenticated routes and put them at the notauth.html document. You can tweak your url's any way you need to.
However, I mentioned I was hesitant to post this; while this should and will work for simple requests, the ASP.NET MVC routing engine is very complicated, a lot of things hinge on little things, wildcards, order that stuff is processed, etc. It'd be very easy to "accidentally" make this route not work in your own code.
That being said, routes are not foolproof. There are a few ways to get around the routing engine. Thus, this is not a "secure" solution per se. I would stick with checking auth for every request you need to, whether doing that at a controller, filter, or individual page. This will work as an "additional" security measure, catching things before they get there sometimes, but then if something slips through the cracks, the page is handling security for itself.