Role Based authentication in MVC3

https://stackoverflow.com/questions/22152948

user-roles
asp.net-mvc-3

19-10-2022
|

题

In my database I have some users and their roles. I can authenticate the user based on the user input. Now I want to retrieve the roles from the database and authenticate the user based on the role for every Controller.

解决方案

Authentication and Authorization are two different things. If you want to Authorize someone based on a role then you can decorate a class or method with something like this:

    [Authorize(Roles = "admin")]

this way the controller will reject anyone that does not have an admin role.

Newer versions of MVC have better options for authorization and authentication, but this is what is commonly used in MVC3.

许可以下： CC-BY-SA 和归因

不隶属于 StackOverflow