Home
ASP.NET Forums » General ASP.NET » ASP.NET MVC » MVC and Form authentication

MVC and Form authentication

Last post 05-09-2008 5:46 AM by [C.I.] Reman. 1 replies.

Sort Posts:

  • MVC and Form authentication

    05-09-2008, 5:31 AM
    • Loading...
    • hnchan
    • Joined on 08-10-2007, 1:48 AM
    • Posts 77

    Hi All

     I am using MVC with Form authentication and would like to limit the user to access some of the resources before they login.

     Therefore, I tried.

     <location path="Home/Home">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>

      <location path="Home/Login">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location> 

    But it won't allow me to call the Home/Login function under HomeController.

     However, if I tried this.

     <location path="Home">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>

     It works fine but I just worry it may have some security issue since I may have more functions under the controller and user may access it without permission.

    Could it be solved?

    Regards

    Alex

     

  • Re: MVC and Form authentication

    05-09-2008, 5:46 AM
    • Loading...
    • [C.I.] Reman
    • Joined on 05-22-2007, 2:52 AM
    • Germany, Dresden
    • Posts 35

    Have a look at this project on Codeplex:

    http://www.codeplex.com/MvcMembership


     

    German Blog: Code-Inside

    English Blog: Code-Inside International
Page 1 of 1 (2 items)
RSS Available

Advertise on ASP.NET

About this Site