c# - Role-based restriction not working for ASP.NET MVC Forms Authentication via AD -

-

i've got asp.net mvc page i'd secure login , not authenticate against active directory using forms authentication, grant access specific roles.

web.config

<system.web>     <authentication mode="forms">         <forms name=".adauthcookie" loginurl="~/home/login" timeout=45 protection="all" />     </authentication>     <authorization>         <allow roles="admin" />         <deny users="*" />     </authorization>     ...

controllers

[httpget] public actionresult index() {     return view("~/ng-app/index_template.cshtml"); }  [httpget, allowanonymous] public actionresult login() {     return view("~/ng-app/login_template.cshtml"); }  [httppost, allowanonymous] public actionresult login(logindto dto) {     ... // validate dto & stuff     formsauthentication.setauthcookie(loginmodel.username, loginmodel.rememberme); }

now, basic protection , general authentication works perfectly. can log in domain account , don't have access other pages anonymous users. however, i'm somehow unable restrict access role. when add <allow roles="admin" /> authorization section, absolutely nothing. when additionally add <deny users="*" />, lock myself out , after successful login, server returns 302 found without doing redirects or serving actual file.

you should doing allowed roles on controller declaration

so above actionresult declaration put above

[httpget] [authorize(roles="admin")] public actionresult authorizedview() {     return view("~/ng-app/admin_template.cshtml"); }

this check see if user in role declared or not

to declare roles in webconfig below

<authorizationconfiguration>   <controllerauthorizationmappings>     <add controller="home" role="generalaccess">               <!-- define allowed roles actions under home controller -->       <actionauthorizationmappings>         <add action="mytopsecretactionforsupercoolpeopleonly" roles="developer,manager,fonzie" />       </actionauthorizationmappings>     </add>   </controllerauthorizationmappings> </authorizationconfiguration>

and here link site

http://www.ryanmwright.com/2010/04/25/dynamic-controlleraction-authorization-in-asp-net-mvc/

there far me bring thread, turn in wiki answer when have 5 minutes


Comments

Post a Comment

Popular posts from this blog

How has firefox/gecko HTML+CSS rendering changed in version 38? -

-
i have a little website header no longer renders correctly, since updating firefox 38.0.5 [the faceplant logo missing top right, , main logo no longer centred]. still renders expected in other browsers. how has engine's rendering changed in update? according mdn , list of changes is: css support ruby-position , ruby-align have been added , available default ( bug 1055676 , bug 1123917 , bug 1039006 ). the :unresolved pseudo-class has been implemented custom elements ( bug 1111633 ). the predefined style ethiopic-numeric uses space, instead of dot, suffix match recent change spec ( bug 1120721 ). css transitions on generated content (with ::before , ::after ) on both inline , block splits them start expected specification ( bug 1110277 ). the implementation of css logical properties made big progress. [...] how css transitions start has been modified match recent change of specifications, aiming @ having interoperable behavio
Read more

javascript - Complex json ng-repeat -

-
i try ng-repeat on object, tried several times still stuck. if have idea, , if it's possible share tips kind of situation. [ { "abonnement": { "id": "1", "nom": "bas prix", "tarif": "2.49", "communication": "2h de communication", "vers": "vers fixes et mobiles", "zone": "zone nationale" } }, { "abonnement": { "id": "2", "nom": "national", "tarif": "9.99", "communication": "t\u00e9l\u00e9phonie et sms illimit\u00e9s", "vers": "vers fixes et mobiles", "zone": "zone nationale" } }, { "abonnement": { "id": "3", "nom": "euro", "tarif&
Read more

jquery - Cloning of rows and columns from the old table into the new with colSpan and rowSpan -

-
i using clone jquery. necessary clone gray area in new table. problem cloned rows , columns can has rowspan , colspan. the gray area intersection data-fix-cols , data-fix-rows. my solution not work: <table id="old-table" data-fix-cols='3' data-fix-rows='4'> <tbody> <tr> <td class="gray">clone me</td> <td colspan="2" rowspan="2" class="gray">clone me</td> <td>ashgabat</td> <td>barcelona</td> <td>berlin</td> </tr> <tr> <td rowspan="3" class="gray">clone me</td> <td>bucharest</td> <td>warsaw</td> <td>washington</td> </tr> <tr> <td class="gray">clone me</td>
Read more