Authentication / Authorization Filters STEPS
1. In global.asax file, add this line in Application_Start
GlobalFilters.Filters.Add(new AuthorizeAttribute());
2. In Web.config
<authentication mode="Forms">
<forms defaultUrl="Home/Index" loginUrl="Home/Index" />
</authentication>
3. Changes in the code
FormsAuthentication.SetCookie()
========================================================================
Authorization
1. In Web.config add the following
<roleManager defaultProvider="myRoleProvider" enabled="true">
<providers>
<add name="myRoleProvider" type="MvcPlayground.Models.UserApplicationRoles"/>
</providers>
</roleManager>
2. The "type" attribute points to your class that will inherit from RoleProvider
3. Create a class UserApplicationRoles: RolesProvider
4. Override all methods, and implement whichever is applicable.
5. Add the Authorize Attribute above the action where role based authorization is required.
[Authorize(Roles = "Admin, Customer")]
No comments:
Post a Comment