Initialization of descendants of AuthorizeAttribute not having a default constructor fails inside AuthorizeAttributeAclModule

[estrizhok]

The way you instantiate filter attributes inherited from AuthorizeAttribute to check whether a user can access a certain link does not work for inheritors not providing an accessible default constructor, nor it does for sealed attributes.

Here is how I did that: I inherited a class I used to check permissions from ControllerActionInvoker, which allowed me to use its GetFilters method. You could then invoke InvokeAuthorizationFilters passing authorization filters as a parameter and check result has a non-nullable action result.

[NightOwl888]

Could you post your fix? Are you using v3 or v4?

[NightOwl888]

The way that AuthorizeAttribute is handled is largely based on the recommendation of this blog post. I was going down the road of trying to support any IFilterProvider as some people had complained, but it turned out that an older version of MvcSiteMapProvider did it that way which turned out to be all wrong.

Anyway, I am trying to work out if there is an actual problem here that needs to be addressed, there is a new feature that we need to add, or if you are just boasting your skills :). If there is something that needs to be done, please post some code so we can work it out. If not, let's just close this issue.