Menu
How do I achieve authorization with MVC asp.net?
645
In ASP.NET MVC you restrict access to methods using the Authorize attribute. In particular, you use the Authorize attribute when you want to restrict access to an action method and make sure that only authenticated users can execute it.
Windows Authentication is used in conjunction with IIS authentication. The Authentication is performed by IIS in one of three ways such as basic, digest, or Integrated Windows Authentication. When IIS authentication is completed, then ASP.NET uses the authenticated identity to authorize access.
The Authentication is performed by IIS in one of three ways such as basic, digest, or Integrated Windows Authentication. When IIS authentication is completed, then ASP.NET uses the authenticated identity to authorize access.
Use the Authorize attribute
[Authorize] public ActionResult MyAction() { //stuff } You can also use this on the controller. Can pass in users or roles too.
If you want something with a little more control, you could try something like this.
public class CustomAuthorizeAttribute : AuthorizeAttribute { protected override bool AuthorizeCore(HttpContextBase httpContext) { string[] users = Users.Split(','); if (!httpContext.User.Identity.IsAuthenticated) return false; if (users.Length > 0 && !users.Contains(httpContext.User.Identity.Name, StringComparer.OrdinalIgnoreCase)) return false; return true; } } There is an Authorization feature with MVC, using ASP.NET MVC beta and creating the MVC project from Visual Studio, automatically adds a controller that used authorization. One thing that will help with your google search, is that it is a "filter". So try searching on "Authorization Filter MVC" and anything preview 4 or greater will help.
34
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
