Please enable Javascript to correctly display the contents on Dot Net Tricks!

Securing Asp.Net MVC Application by using Authorize Attribute

 Print 
  Author : Shailendra Chauhan
Posted On : 06 Jan 2013
Total Views : 148,752   
Updated On : 26 Sep 2016
 

Authorization is the process of determining the rights of an authenticated user for accessing the application's resources. The Asp.Net MVC Framework has a AuthorizeAttribute filter for filtering the authorized user to access a resource. Refer this article for Custom Authentication and Authorization in ASP.NET MVC

Authorize Attribute Properties
Properties
Description
Roles
Gets or sets the roles required to access the controller or action method.
Users
Gets or sets the user names required to access the controller or action method.

Filtering Users by Users Property

Suppose you want to allow the access of AdminProfile to only shailendra and mohan users then you can specify the authorize users list to Users property as shown below.

[Authorize(Users = "shailendra,mohan")]
public ActionResult AdminProfile()
{
 return View();
}

Filtering Users by Roles Property

Suppose you want to allow the access of AdminProfile action to only Admin and SubAdmin roles then you can specify the authorize roles list to Users property as shown below.

[Authorize(Roles = "Admin,SubAdmin")]
public ActionResult AdminProfile()
{
 return View();
}
What do you think?

I hope you will enjoy the tips while programming with Asp.Net MVC. I would like to have feedback from my blog readers. Your valuable feedback, question, or comments about this article are always welcome.



Free Interview Books
 
COMMENTS
20 JAN
ASP.NET Core with Angular4 (Online)
07:00 AM-09:00 AM IST / 07:30 PM Central Time
20 JAN
ASP.NET MVC with Angular (Classroom)
05:00 PM to 07:00 PM IST (+5:30 GMT)
20 JAN
ASP.NET MVC with Angular4 (Online)
03:00 pm to 05:00 pm
20 JAN
Angular2+4 with Firebase (Classroom)
03:00 PM to 05:00 PM IST (+5:30 GMT)
16 JAN
Developing Microsoft Azure Solutions (Online)
07:00 AM-09:00 AM IST/ 07:30 PM -09:30 PM CST
16 JAN
React with Redux (Online)
07:00 AM-08:30 AM IST
15 JAN
Big Data Hadoop Developer (Online)
05:00 PM to 06:30Pm IST / 06:30AM to 08:00AM CST
8 JAN
ASP.NET Core with Angular4 (Online)
09:00 Pm to 11:00 Pm IST (+5:30Gmt)
8 JAN
Big Data Hadoop Developer (Online)
07:00 AM - 08:30 AM IST(+5:30 GMT)
16 DEC
ASP.NET MVC with Angular4 (Classroom)
10:00 AM - 01::00 PM IST(+5:30 GMT)
12 DEC
ASP.NET MVC with Angular4 (Online)
09:00 PM - 11:00 PM IST(+5:30 GMT)
2 DEC
Developing Microsoft Azure Solutions (Online)
07:00 AM-09:00 AM IST / 08:30 PM Central Time
2 DEC
Angular2+4 with Firebase (Online)
10:30 AM-12:30 PM IST(+5.30 GMT)
27 NOV
ASP.NET Core (Online)
07:00 AM to 09:00 AM IST (+5:30 GMT)
11 NOV
ASP.NET MVC (Online)
08:00 AM-10:00 AM IST / 09:30 PM To 11:30 PM(CST)
SUBSCRIBE TO OUR YOUTUBE CHANNEL
 
 
 
LIKE US ON FACEBOOK
 
+