Custom Authorize Attribute

by

Yes, you got it right (IMO it’s safer and simpler to implement a custom membership provider, but it’s your choice)

  1. Yes, it’s correct
  2. You do it right
  3. You inherit the roles property from the AuthorizeAttribute base class and you check in your implementation if the user is in the role.

Edit: a little more on the roles thing

if you have 

[SharweAuthorize(Roles="MyRole")]

then you can check the Roles property in the AuthorizeCore method

protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (SessionManager.CheckSession(SessionKeys.User) == true) {
        if (SessionManager.CheckUserIsInRole( Roles )) // where Roles == "MyRole"
           return true;
    }
    return false;
}

More Related Contents:

  1. Using Ajax.BeginForm with ASP.NET MVC 3 Razor
  2. Cascading drop-downs in MVC 3 Razor view
  3. Getting “A potentially dangerous Request.Path value was detected from the client (&)”
  4. ASP.NET MVC Ajax Error handling
  5. Handling session timeout in ajax calls
  6. ASP.NET MVC 3 client-side validation with parameters
  7. MVC3 unobtrusive validation group of inputs
  8. Purpose of ActionName
  9. ASP.NET MVC 3 Razor – Adding class to EditorFor
  10. Is there any good reason to use FormCollection instead of ViewModel?
  11. How to set ViewBag properties for all Views without using a base class for Controllers?
  12. Is it possible to create a generic @helper method with Razor?
  13. Razor actionlink autogenerating ?length=7 in URL?
  14. Possible bug in ASP.NET MVC with form values being replaced
  15. Is using ViewBag in MVC bad? [closed]
  16. MVC 3 file upload and model binding
  17. Does Razor syntax provide a compelling advantage in UI markup?
  18. Implementing “Remember Me” Feature in ASP.NET MVC
  19. Having difficulty using an ASP.NET MVC ViewBag and DropDownListfor
  20. The type or namespace name ‘DbContext’ could not be found [closed]
  21. How do I enable gzip compression when using MVC3 on IIS7?
  22. Disable client-side validation in MVC 3 “cancel” submit button
  23. Razor ViewEngine HTML.Checkbox method creates a hidden input. Why? [duplicate]
  24. How do I create a MVC Razor template for DisplayFor()
  25. How to integrate IoC Membership provider with ASP.NET MVC
  26. MVC 4 how to validate a non-US date with client validation?
  27. Razor Nested WebGrid
  28. Steve Sanderson’s BeginCollectionItem helper won’t bind correctly
  29. MVC3 Validation – Require One From Group
  30. Having issue with multiple controllers of the same name in my project

Leave a Comment