All geek questions in one place

ASP.NET MVC Authorization Settings

The application had 99% of the actions requiring user login.

The options I came across are

1-) Create the inheritance chain of the base controller and apply the authorize attribute at this level. Something like: BaseController> AuthorizeController, BaseController> PublicController. (I don't like this because of the inheritance chain)

2-) Create your own authorization attribute and use the flag to bypass authorization. Like this post . (by my preference so far).

What are the other options / best practices? What about using web.config in asp.net webforms? Link here . Same as authorize attribute?

+3
source share
1 answer

To do this, use the tab and the web configuration file; you can specify authorization parameters, and it also works in MVC.

http://msdn.microsoft.com/en-us/library/wce3kxhd.aspx

An authorized approach will work, or you can create a custom ControllerActionInvoker (each controller has a link to this). This class works with every invocation of an action that seems appropriate.

+1
source

Source: https://habr.com/ru/post/1728649/

More articles:


All Articles