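/// <summary>
/// Runs before the action executes and checks that the current user holds at least
/// one of the roles named in <c>RequiredRoles</c> (a '|'-separated list). When none
/// match, the action is short-circuited with a redirect to the User/Home route.
/// </summary>
/// <param name="filterContext">
/// Context of the action about to execute. Its <c>Result</c> is assigned on denial,
/// which prevents the action from running.
/// </param>
/// <remarks>
/// A null, empty or whitespace-only <c>RequiredRoles</c> grants access to every caller,
/// including one whose identity name is empty.
/// NOTE(review): this check lives in an action filter rather than an authorization
/// filter; if any protected action is output-cached, confirm that cached responses
/// cannot be served without this check running.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var userName = filterContext.HttpContext.User.Identity.Name;
    var userRoles = RolesService.GetUserRoles(userName);

    // No role requirement configured means no restriction (fail-open, as in the original).
    bool userHasRequiredRole = string.IsNullOrWhiteSpace(RequiredRoles);

    if (!userHasRequiredRole)
    {
        foreach (var role in RequiredRoles.Split('|'))
        {
            // Invariant lower-casing keeps the authorization decision independent of the
            // thread culture (culture-sensitive ToLower maps 'I' differently under tr-TR).
            // Presumably RolesService returns lower-cased role names; verify that it
            // normalizes them the same way.
            var normalizedRole = role.Trim().ToLowerInvariant();

            // An empty segment (e.g. a trailing '|') must never count as a role match.
            if (normalizedRole.Length == 0)
            {
                continue;
            }

            if (userRoles.Contains(normalizedRole))
            {
                userHasRequiredRole = true;
                break;
            }
        }
    }

    if (!userHasRequiredRole)
    {
        // NOTE(review): MissingRole echoes the configured role list back to the denied
        // caller in the redirect; confirm that exposing role names is acceptable.
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary(new { controller = "User", action = "Home", MissingRole = RequiredRoles }));
    }
}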