[AuthenticateUser]
public class HomeController : Controller
{
    //
    // GET: /Home/
    public ActionResult Index()
    {
        return View();
    }

    [AllowAnonymous]
    public ActionResult List()
    {
        return View();
    }
}

How to remove authentication for action named as List? Please advise....

My Custom Filter coding as follow.. i have inherited the FilterAttribute call as well. Please advise regarding

public class AuthenticateUserAttribute: FilterAttribute, IAuthenticationFilter
{
    public void OnAuthentication(AuthenticationContext context)
    {
        if (this.IsAnonymousAction(context))
        {

        }

        if (user == "user")
        {
            // do nothing
        }
        else
        {
            context.Result = new HttpUnauthorizedResult(); // mark unauthorized
        }
    }

    public void OnAuthenticationChallenge(AuthenticationChallengeContext context)
    {
        if (context.Result == null || context.Result is HttpUnauthorizedResult)
        {
            context.Result = new RedirectToRouteResult("Default",
                new System.Web.Routing.RouteValueDictionary{
                    {"controller", "Home"},
                    {"action", "List"},
                    {"returnUrl", context.HttpContext.Request.RawUrl}
                });
        }
    }
}

The below code generate the error message : Error 1 The best overloaded method match for 'MVC5Features.Filters.AuthenticateUserAttribute.IsAnonymousAction(System.Web.Mvc.AuthorizationContext)' has some invalid arguments c:\users\kirupananthan.g\documents\visual studio 2013\Projects\MVC5Features\MVC5Features\Filters\AuthenticateUserAttribute.cs 16 17 MVC5Features Error 2 Argument 1: cannot convert from 'System.Web.Mvc.Filters.AuthenticationContext' to 'System.Web.Mvc.AuthorizationContext' c:\users\kirupananthan.g\documents\visual studio 2013\Projects\MVC5Features\MVC5Features\Filters\AuthenticateUserAttribute.cs 16 40 MVC5Features

if (this.IsAnonymousAction(context))

Since it is your custom filter, you can extend it to handle AllowAnonymous (if you don't want to use AllowAnonymous, yoy can create own f.e. NoAuthentication):

public class AuthenticateUser : IAuthenticationFilter
{

    public void OnAuthentication(AuthenticationContext filterContext)
    { 
        if (this.IsAnonymousAction(filterContext))
        {
            return;
        }

        // some code
    }

    private bool IsAnonymousAction(AuthenticationContext filterContext)
    {
        return  filterContext.ActionDescriptor
                             .GetCustomAttributes(inherit: true)
                             .OfType<AllowAnonymousAttribute>() 
                                             //or any attr. you want
                             .Any();
    }
}

Try the

[AllowAnonymous] 

attribute

Maybe if you specify a specific User Group for that action and in your custom authentication filter allow this group for everything.

In MVC 5 and I quote from http://www.dotnetcurry.com/showarticle.aspx?ID=975 The class CustomOverrideAuthorizationAttribute is inherited from the FilterAttribute class and implements IOverrideFilter. This interface is used to define the filters applied on the controller. The property FiltersToOverride returns the IAuthorizationFilter type. This means that Authorize filter applied on the parent (controller or Global application class) will be overridden

I believe you should remove the attribute from the controller and put it on each action method except List.

So, reading the article that @Bilal posted (Oct 30 '14 at 12:24), it seems there's an elegant way to override filters by class (or interface). You'd have to write a custom attribute for each filter that you want to override, but that may not be a huge problem, if you consider that you probably don't want to override many filters, right?

So, in your question you want to override the AutherizationUser attribute, so you'd implement this class:

public class CustomOverrideAuthenticateUserAttribute : 
   FilterAttribute, IOverrideFilter
{
    public Type FiltersToOverride
    {
        get
        {
            return typeof(AuthenticateUserAttribute);
        }

    }
}

And rewrite your controller as:

[AuthenticateUser]
public class HomeController : Controller
{
    //
    // GET: /Home/
    public ActionResult Index()
    {
        return View();
    }

    [CustomOverrideAuthenticateUser]
    public ActionResult List()
    {
        return View();
    }
}