Reputation: 4209
Asp.NET MVC and security
I am planning a new portal solution in ASP.NET MVC. I need to be able to have some parts of the site visible for everyone (public part) and a part where only registered users are allowed to visit. In traditional Web Forms the security was made on folder level, but how about ASP.NET MVC? Could someone please explain me how to do this - or if its more beneficial to go the web forms way.
/H4mm3rHEad
Upvotes: 1
Views: 276
Answers (2)
Reputation: 24754
Security is mostly done on the Controller or Action level via attributes. More information on the Authorize attribute can be found here:
You can easily see how it works by going File-> New MVC project and checking out the AccountController.cs file inside the /Controllers/ directory.
Be aware the answers by Vitaly and Agent_9191 are not current and reference mostly preview MVC builds. Those articles may reference code and or functionality that does not exist or has been depreciated.
Upvotes: 3
Reputation: 7253
Take a look at this post talking about the AuthorizeAttribute. It can be applied to specific actions or an entire controller.
Upvotes: 0
Related Questions
- Comprehensive security solution for ASP.NET MVC app
- ASP.NET MVC 3 - Security architecture considerations
- Securing an ASP.Net MVC Site
- How to do a really simple security model in MVC application?
- Dynamic security for ASP.NET MVC
- ASP.NET MVC application security
- New to ASP.NET MVC - Will I have to relearn security?
- Help with asp.net mvc authorization
- Security in my mvc app
- ASP.NET MVC Security Recommendations