Your browser does not support JavaScript! Please enable script of your browser.
 
Coding is Rhyme
Handy Tricks For Beginners & Professionals
ASP.NET MVC 5, 4 - Tutorial, Article Pdf, Training, Code Snippets, Reference Manual, Model, View, Controller, Routing System, Unobtrusive Validation, Html Helpers, Razor Engine, Data Annotations, Dependancy Injection, Database Access, Security, Configuration and Deployment

Securing Asp.Net MVC Application by using Authorize Attribute

Posted By : Shailendra Chauhan, 06 Jan 2013
Updated On : 28 Jan 2014
  Version Support : MVC3 & MVC4
Keywords : authorize filter in asp.net mvc,authorization in asp.net mvc,restrict users in asp.net mvc

Authorization is the process of determining the rights of an authenticated user for accessing the application's resources. The Asp.Net MVC Framework has a AuthorizeAttribute filter for filtering the authorized user to access a resource. Refer this article for Custom Authentication and Authorization in ASP.NET MVC

Authorize Attribute Properties
Properties
Description
Roles
Gets or sets the roles required to access the controller or action method.
Users
Gets or sets the user names required to access the controller or action method.

Filtering Users by Users Property

Suppose you want to allow the access of AdminProfile to only shailendra and mohan users then you can specify the authorize users list to Users property as shown below.

[Authorize(Users = "shailendra,mohan")]
public ActionResult AdminProfile()
{
 return View();
}

Filtering Users by Roles Property

Suppose you want to allow the access of AdminProfile action to only Admin and SubAdmin roles then you can specify the authorize roles list to Users property as shown below.

[Authorize(Roles = "Admin,SubAdmin")]
public ActionResult AdminProfile()
{
 return View();
}
What do you think?

I hope you will enjoy the tips while programming with Asp.Net MVC. I would like to have feedback from my blog readers. Your valuable feedback, question, or comments about this article are always welcome.

About the Author
Shailendra Chauhan works as Sr. Software Engineer at reputed MNC and has more than 5 years of hand over Microsoft .NET technologies. He is a .NET Consultant and is the founder & chief editor of www.dotnet-tricks.com and www.dotnetinterviewtricks.com blogs. He is an author of books ASP.NET MVC Interview Questions and Answers & LINQ Interview Questions and Answers.
He loves to work with web applications and mobile apps using Microsoft technology including ASP.NET, MVC, C#, SQL Server, WCF, Web API, Entity Framework,Cloud Computing, Windows Azure, jQuery, jQuery Mobile, Knockout.js, Angular.js and many more web technologies. More...
 
 
Recommended Articles!
 
 
Search Articles
 
 
Subscribe & follow Us
 
 
Protected by Copyscape Web Plagiarism Check
 
Free ASP.NET MVC Interview Book
Learn In Hindi
Browse By Category
 
Recent Articles
 
Popular Articles
 
Like us on Facebook
 
Featured AD
Join our Training programs in Delhi/Noida on ASP.NET MVC, WCF, EF, jQuery - call us    +91-9871749695