protected override bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext.Request.Url == null) { return(false); } var requestedUrl = httpContext.Request.Url.AbsolutePath.ToLower(); if (AuthenticationHelper.CheckUrl(requestedUrl)) { return(true); } if (!new AccessControlHelper().CheckAccess(requestedUrl, _entityTypes)) { return(false); } //return base.AuthorizeCore(httpContext); return(true); }