In the previous article i had explain about Authentication in ASP.NET MVC. Now I am going to explain a little bit about Authorization in ASP.NET MVC
Authorization
The authorize attribute also allows you to set some parameters to enforce authorization rules. First we need to know the user’s identity and then we can say only the specific identities to allow accessing these actions.
Authorize attribute also allows you to specify the Roles. In Windows Authentication by default map to Windows groups on server or groups configured in the active directory. You can put roles like below
In Forms Authentication ASP.NET has a role provider. By using these you can store, manage roles in a SqlServer database. These can configured in the application by default.The easiest way to do that is use the below button in the solution explorer
It launches ASP.NET configuration tool .This is the tool you are only going use in the local development machine. It’s going to look in the web.config location and use the same application services database as that Form Authentication provider of using that is already configured inside of there. You can add , manage roles from here. While doing these it automatically map to db we are configured in the web.config file.
Hope you are enjoying my article…