ASP.NET MVC Authorization

by

Use the Authorize attribute

[Authorize]
public ActionResult MyAction()
{
   //stuff
}

You can also use this on the controller. Can pass in users or roles too.

If you want something with a little more control, you could try something like this.

 public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            string[] users = Users.Split(',');

            if (!httpContext.User.Identity.IsAuthenticated)
                return false;

            if (users.Length > 0 &&
                !users.Contains(httpContext.User.Identity.Name,
                    StringComparer.OrdinalIgnoreCase))
                return false;

            return true;
        }
    }

More Related Contents:

  1. Redirecting unauthorized controller in ASP.NET MVC
  2. Restrict access to a specific controller by IP address in ASP.NET MVC Beta
  3. ASP.NET MVC – How to show unauthorized error on login page?
  4. ASP.NET Web API : Correct way to return a 401/unauthorised response
  5. How to implement custom authentication in ASP.NET MVC 5
  6. what are the URLs for in claim-types
  7. Smtp authentification required [duplicate]
  8. c# asp.net delete last comma [closed]
  9. Pass List of Checkboxes into View and Pull out IEnumerable [duplicate]
  10. RedirectToAction with parameter
  11. Sharing sessions across applications using the ASP.NET Session State Service
  12. Making a Simple Ajax call to controller in asp.net mvc
  13. Get controller and action name from within controller?
  14. Preprocessor directives in Razor
  15. DropDownList in MVC 4 with Razor
  16. Injecting dependencies into ASP.NET MVC 3 action filters. What’s wrong with this approach?
  17. Difference between MVC 5 Project and Web Api Project
  18. How to save image in database using C# [closed]
  19. How do I dispose my filestream when implementing a file download in ASP.NET?
  20. C# mvc 3 using selectlist with selected value in view
  21. Concatenate and minify JavaScript on the fly OR at build time – ASP.NET MVC
  22. ASP.NET MVC 4 + Ninject MVC 3 = No parameterless constructor defined for this object
  23. onchange event for html.dropdownlist
  24. How to allow an anonymous user access to some given page in MVC?
  25. Register IAuthenticationManager with Simple Injector
  26. ASP.NET Core middleware vs filters
  27. Multiple Authorization attributes on method
  28. Opposite of [compare(” “)] data annotation in .net?
  29. MVC MapPageRoute and ActionLink
  30. What does ModelState.IsValid do?

Leave a Comment