Visual studio feeds

All Visual Studio blogs in one place


Enter your email address:

Delivered by FeedBurner

Increase your website traffic with



Anti-spam: How many eyes has a typical person?

Follow us on FB


ASP.NET MVC Authentication - Global Authentication and Allow Anonymous

AddThis Social Bookmark Button
As I was recently updating the Wrox Professional ASP.NET book for ASP.NET MVC 4, I thought about some of the common questions, tip, and tricks I've seen over the past few years, and thought it was time for a... quick blog series! Let's start with Global Authentication. ASP.NET MVC has had an Account Controller since the ASP.NET MVC 1.0 preview releases; it handles login and registration. That, by itself, just allows users to get logged in - it doesn't do anything to restrict access. That's where the AuthorizeAttribute comes into play. AuthorizeAttribute is a Filter attribute which
can be placed on ASP.NET MVC actions or entire controllers to prevent unauthorized access. Attempting to access a restricted controller action when you're not authorized redirects you to login, as I previously described in quite gory detail in a previous post titled Looking at how the ASP.NET MVC Authorize interacts with ASP.NET Forms Authorization. Reminder: Don't use web.config to restrict access, use [Authorize] Note: This is old news to MVC veterans, but bears repeating because it continues to be a common question and is really important to get right. In ASP.NET Web Forms, requests mapped...(Read whole news on source site)

Home : Blog List : Jon Galloway : ASP.NET MVC Authentication - Global Authentication and Allow Anonymous