.NET exceptions I can throw for Not Authorized or Not Authenticated

c# authentication exception authorization

I have parts of code where I want to throw an Exception whenever a user is not authenticated/not authorized.

So instead of writing my own NotAuthenticatedException and NotAuthorizedException, I was wondering if there are not already some C# standards for these.

I can imagine a lot of programs throw similar Exceptions, and it would not be very useful if everyone 'writes their own wheel' again.


You could also use UnauthorizedAccessException for authorization violations


Use the C# AuthenticationException or InvalidCredentialException class.

https://docs.microsoft.com/en-us/dotnet/api/system.security.authentication.authenticationexception


To avoid reinventing the wheel, I'd use PrincipalPermission.Demand or PrincipalPermissionAttribute.

A SecurityException will be thrown for you if the demand fails.

If you do want to explicitly throw an exception rather than using PrincipalPermission.Demand, you could consider reusing the existing type System.UnauthorizedAccessException, which is described in MSDN as:

The exception that is thrown when the operating system denies access because of an I/O error or a specific type of security error.

It's your app rather than the OS that's denying access, but perhaps close enough.

Related

How to detect patterns in (electrocardiography) waves?
Differences between "git pull" commands when pulling from origin?
Proper way to assert type of variable in Python
What's the difference between a global var and a window.variable in javascript?
npm start vs node app.js
What does the "@" symbol do in SQL?
Are there some good and modern alternatives to Javadoc? [closed]
What is the convention in JSON for empty vs. null?
Difference between Uint8Array and Uint8ClampedArray
Why does foo = filter(...) return a <filter object>, not a list? [duplicate]
Access to Image from origin 'null' has been blocked by CORS policy
Is there a way to convert indentation in Python code to braces?