I'm working on an MVC Intranet site using AD authentication and I'm getting an error when a user tries a url of this format..
.../myController/view/64+
Other errors such as
.../myController/view/aString
.../myController/view/
are all handled fine but the '64+' scenario hits the Authorize attribute, and the User.Identity is null.
Any pointers much appreciated.
controller code
[Authorize(roles="dom\\group")]
public class MyController {
[HttpGet]
public ActionResult View(int id)
{
// do stuff..
return View(viewModel);
}
protected override void OnException(ExceptionContext filterContext)
{
// handle and log error
}
}
the site routing is default
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
name: "Default",
url: "{controller}/{action}/{id}",
defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional }
);
}
User.Identity is null if the user isn't logged in. As you didn't decorate your action with an Authorize attribute, this can happen.
Routing issue would prevent to hit the action at all. So I would exclude that.