Role Based authentication in MVC3

Question

In my database I have some users and their roles. I can authenticate the user based on the user input. Now I want to retrieve the roles from the database and authenticate the user based on the role for every Controller.

Answer 1

Authentication and Authorization are two different things. If you want to Authorize someone based on a role then you can decorate a class or method with something like this:

    [Authorize(Roles = "admin")]

this way the controller will reject anyone that does not have an admin role.

Newer versions of MVC have better options for authorization and authentication, but this is what is commonly used in MVC3.