0

I am working on a small MVC application and now I want to implement an admin section on the website, so that only admin users can access that page/section. I currently have form authentication login.

I followed a tutorial (http://msdn.microsoft.com/en-us/library/t32yf0a9.aspx) regarding Role Provider in MVC and how it can ristrict and do all these stuff using the wizard for role provider, how you can create users.

My question is those users i setup for admin/non admin using the role provider wizard, will they be the users i would authenticate to access the application? i currently have authentication that check users against the database

Thanks in advance

kayze
  • 738
  • 8
  • 19
  • 33

1 Answers1

1

I would suggest you to simply "google" about this issue.

Look how it's easy:

Basically, there is the AuthorizeAttribute out there which you should use and supply with your authorized users:

[Authorize("Kayze")]
public ActionResults Employees()
{
  //Your code
}

Now notice that "Kayze" user will be validated against the source (DB, Active-Directory, file etc.) which your Role Provider is based on.

The users authorization and authentication is depends on your Role-Provider, please read this article about how to configure it: http://odetocode.com/articles/427.aspx

Yair Nevet
  • 12,725
  • 14
  • 66
  • 108
  • 1
    Thanks for replying, i do know that Authorize attribute. And i already have a working authentication code for "all users". My question was regarding using role provider and how it authenticates, and how it ristricts different users (ie Admin, normal) – kayze Oct 09 '13 at 20:59
  • It's depends on which Role-Provider you are using. – Yair Nevet Oct 09 '13 at 21:01