2

I've seen that the AuthoriseAttribute can work for each individual controller, what i would like to do is set the entire site permissions to one AD group, is that easy to do or should i just copy and paste the authattrib line to each controller?

Thanks

Alicia
  • 1,152
  • 1
  • 23
  • 41
AlexW
  • 2,843
  • 12
  • 74
  • 156
  • 1
    Add a global filter like the person demonstrates in this question: http://stackoverflow.com/questions/11033357/asp-net-mvc-global-authorize-filter-forcing-login-on-an-allowanonymous-action – asawyer Aug 01 '13 at 13:30
  • in the global filter where do i specify what AD groups are allowed to use the site? – AlexW Aug 01 '13 at 13:37
  • 2
    Maybe this article can be useful: http://blogs.msdn.com/b/rickandy/archive/2011/05/02/securing-your-asp-net-mvc-3-application.aspx – Vladimir Bozic Aug 01 '13 at 13:41
  • If you have seperate questions you should post them rather then asking in comments. However, since by chance I have this exact code in front of me this morning, what you'll need to do is create a new derived attribute from `AuthorizeAttribute` and override the `OnAuthorization` method to perform your custom logic. – asawyer Aug 01 '13 at 13:41
  • @VladimirBozic That's a great post, thank you! Im bookmarking it for future reference. – asawyer Aug 01 '13 at 13:42

1 Answers1

5

As @asawyer mentioned using global filter for your case is good practise. For another part of your question in comment: in the global filter where do i specify what AD groups are allowed to use the site? you can specify roles in OnAuthorization method of your custom authorize attribute, smth like:

public class MyAuthAttribute: AuthorizeAttribute
{                
    public override void OnAuthorization(AuthorizationContext filterContext)
    {  
        Roles = 'ad role1, ad role2...'; //Roles is AuthorizeAttribute member
        base.OnAuthorization(filterContext);
    }
}

and than use it like:

GlobalFilterCollection.Add(new MyAuthAttribute());

in global.asax or w/e else

Sergio
  • 6,900
  • 5
  • 31
  • 55