in my application (MVC 3), I have a few types of users, and here's the typical - I guess - scenario: I want to restrict the access to some controllers for some of them, and also some of them can have access to the specified controller but not for all actions. I'm looking for some tips or articles how to create that scenario. Thanks for any ideas !
问问题
33 次
2 回答
2
You want to look into the AuthorizeAttribute. You can also find more info here.
于 2013-04-13T19:45:27.467 回答
1
要限制用户执行所有操作,请在整个控制器上使用 AuthorizeAttribute。但是,如果您想将用户限制为某些选定的操作,请在所需操作上使用 AuthorizeAttribute(而不是在整个控制器上)。同样,您还可以使用角色将经过身份验证的用户限制为某些控制器或操作方法。例子:
[AuthorizeAttribute(Roles = "Employee")]
于 2013-04-13T20:32:04.897 回答