View Complete Post
I want to make Rolebase menu in MVC such that if user doesnot have permission for some action then that Action name shouldnot be shown in the Menu.
I have used the code in the url(http://forums.asp.net/t/1566328.aspx) in my MVC application.My application is a Discussion Forum(in MVC) same functionality as in this forum forums.asp.net
I have used Controllers for post, thread etc.In each controller there are some actions that are using [Authorize(Roles)] attribute
but this coding does not count those Actions in Controllers having Authorize attribute according to the url http://forums.asp.net/t/1566328.aspx
In the code, Authorize attribute is applied to Controller class, but my requirement is of Applying Authorize attribute to some actions in controller so that some are available for all users and some links are available rolewise.Now what is the solution for that?
Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.
MSDN Magazine May 2002
For my FBA authentication I have membership provider application name as 'x' and role provider application name as 'y'.
My FBA login form is authenticating users that belong to application 'x' in aspnetdb database, and not application 'y'.
could anybody help me with this..