I am quite familiar with the Authorization Filter in mvc to authorize access to particular url in mvc.
I m working on scenario where i have no control over the Controller naming CustomCtrl written for some Action in my application.
How can i enforce Authorization rules in this case.
eg. if some one login in my application with User attribute, which i m storing in session state, how can i restrict that user to access the url Admin/CustomCtrl/SomeAction, Like something we can do in ASP.NET application by writting CustomHandler