Reputation: 7836
.NET membership, role and authorize in MVC3
Ok, so I setup my MVC3 to use the default registration, login and membership from .NET. Just ran the services wizard onto the database.
Now, I put in the [Authorize(Roles = "User")] portion to each Action that I want restricted in the controllers.
The problem I have is that despite being logged in, I still get prompted to log-in whenever I try to access these "restricted actions", I get prompted with the log-in screen.
What is the default role or members in .NET membership? Or can I change the Authorize filter/rule to suit all logged in members?
Thanks! Any piece of help or advise would be appreciated.
Upvotes: 0
Views: 148
Answers (1)
Reputation: 32490
You don't need anything more than [Authorize] to force users to Authenticate.
Later, once you have many controllers and want to distinguish between which user groups are allowed to see which Controllers or Actions, you can add add roles and close off Controllers to distinct roles:
examples
[Authorize(Roles = "Admin")]
public ActionResult AdminReports()
Upvotes: 2
Related Questions
- ASP.Net MVC 6 authentication and authorization
- ASP.NET MVC Membership Roles
- MVC Role Authorization
- ASP.NET (MVC) Users, Roles and Users in Roles
- Asp.net membership permissions and roles
- Membership Authorization
- Membership & Authorization in ASP.NET MVC
- Help with asp.net membership in mvc 3
- Permission-based authorization in ASP.NET MVC3
- .NET Roles, Membership, FormsAuthentication, MVC3