Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is the [Authorize] attribute for ASP.NET MVC controllers only for Membership Providers?

Tags:

attributes

asp.net-mvc

asp.net-membership

authorize

Does the [Authorize] attribute used with ASP.NET MVC controllers only function with sites that have implemented a MembershipProvider?

like image 461
KingNestor Avatar asked Jun 11 '09 02:06

KingNestor

People also ask

How does Authorize attribute work in ASP.NET MVC?

If a user is not authenticated, or doesn't have the required user name and role, then the Authorize attribute prevents access to the method and redirects the user to the login URL. When both Roles and Users are set, the effect is combined and only users with that name and in that role are authorized.

Where can the Authorize attribute can be applied?

You can place the Authorize attribute on a controller or on individual actions inside the controller. When we place the Authorize attribute on the controller itself, the authorize attribute applies to all of the actions inside.

2 Answers

Short answer is no. It just checks that there is a IPrincipal, how that gets there is up to you.

I have my own login logic that I use instead of the Membership provider, once I've authenticated a user I just call the FormsAuthentication.SetAuthCookie method. Once you've done that you can then use the [Authenticate] attribute.

like image 54
Mark Avatar answered Sep 22 '22 23:09

Mark

The [Authorize] attribute is an action filter. It's going to grab the IPrincipal and check if the user is authenticated or if you specify roles and/or users in with the attribute, it will match against those.

There are many ways that a web request can be authenticated. Everything from Open ID to Windows Authentication. Check out this question for an OpenID example and more links to implementing authentication that way: StackOverflow Question 961468

like image 40
Jeff Avatar answered Sep 21 '22 23:09

Jeff
Sign in to Comment

Related questions

Why is my attribute routing not working?
core 2.0 - best way to impersonate a Windows user?
How to prevent ViewData content encoding in ASP.Net Core Razor?
Azure Web App VSTS Pre-compile Views (Not updatable)
Adding new Theme to ASP.Net MVC 5 dont work
Create Route for a specific URL without changing the URL with MVC
asp.net adding ApiController as service for dependency injection
Use localized Razor pages as e-mail templates
How to trigger ASP.NET Core client-side validation from JavaScript
ASP.NET MVC running IIS7 deployment problem
ASP.NET MVC Beta 1: DefaultModelBinder wrongly persists parameter and validation state between unrelated requests
ASP.NET MVC and REST URI's
ASP.NET MVC TDD with LINQ and SQL database
Get the fully qualified url for a controller and action?
Maintaining message integrity
What's the point of ASP.net AJAX in ASP.net MVC?
ASP .NET MVC: How can I change the role of an user?
Extending AccountController: ASP.NET MVC Membership
Get the link for a route - Asp.net MVC
Debugging ASP.NET MVC source?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!