开发者

ASP.Net MVC3 Areas and Security

问答 作者:

I have a public facing website and need to create an "admin" site for managing the content of the website. I would like to create an "Area" for admin functionality and secure just the Admin area usi开发者_如何转开发ng forms authentication. Is this possible? If I put the necessary forms authentication bits in the root web.config file, will it interfere with the public facing pages? How do you isolate forms authentication to an area? Thanks.

The way I go about it is to add an Authorize Atrribute to the the controllers or actions I need to be secure.

In the controller either: 

[Authorize] --secures all actions in the controller
public class SomeController : DefaultController
{
     [Authorize] --secures only this action
     public ActionResult SomeAction(){

     }
}

you can restrict access to specific users and also use a RoleProvider to only allow specific user roles to access the actions decorated with the attributes. Hopefully this can be helpful to you.

继续阅读:areasasp.net-mvc-3asp.net-mvc-areasforms-authentication

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9