Ian Anderson
Reputation: 35
MVC 5 Role Based Authentication
I am trying to lock down our "admin" page to only admins using Asp.net Identity (we are building in MVC5). I can get [Authorize(Users="admin")] to work but can not get [Authorize(Roles="Admin")] to work.
I have created the role in the dbo.AspNetRoles table and then associated the account in the AspNetUserRoles by pairing the user GUID to the ID in the aspnetroles table.
I have seen in previous editions of MVC you have had to get into web.config to add some lines. Can anyone help point me in the right direction?
Upvotes: 2
Views: 4317
Answers (1)
Josh
Reputation: 10604
Have you specified in the web.config that you are going to use roles?
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
Upvotes: 1
Related Questions
- Implementing role-based authorization using .NET MVC 5
- Asp.net Web Application Role based authentication
- MVC Windows authentication + roles management via the AspNetUserRoles table
- ASP.NET Identity roles
- Asp Net MVC Role Security
- Role Management in ASP MVC 5 (Microsoft.AspNet.Identity)
- Role-Based Authentication with aspnet identity in ASP.NET MVC 4
- Asp.Net Mvc Identity Role Management
- ASP.NET IIS user role authentication
- ASP.Net role based form authentication