I have a new MVC application which integrates into a larger pre-existing intranet site.
In production, authentication details will be passed from the existing intranet site. But in development I need a local forms login control to create the authentication.
This means I need a way to hide any of the local login pages when the solution is deployed to production server. I was trying to use Debugger.IsAttached to redirect away from any login page
public class AccountController : Controller
{
public ActionResult LogOn()
{
if (!System.Diagnostics.Debugger.IsAttached)
RedirectToAction("NotFound");
return View();
}
}
It turns out this doesn't work. For some reason which is a mystery to me, the login page is still served when navigating to /Account/LogOn.
Can I fix this? Is there a better way?
Just out of curiousity, are you aware of the "Authorize" attribute?
http://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute.aspx
You mention that your application is part of a larger application that I assume deals with the security (authentication), right ?
If so, in development, you could have a different/specific web.config for your needs.
<authentication mode="Forms">
<forms loginUrl="~/MyDevelopment/LogIn"/> //Just for dev
</authentication>
Also,
Instead of the Debugger.IsAttached, I suggest you use the compiler's directive
#if !DEBUG
RedirectToAction("NotFound");
#endif