0

I integrated a legacy ASP.NET 4 WebForms app with an ASP.NET MVC 4 app using VS2012 Update 4. The legacy app has security implemented via SQL Membership Provider. The legacy webForms pages are still secured in the newly integrated app, but the MVC views are not secured. For instance, a user cannot go to a .aspx page by directly using the page URL, say, http://myWebsite/SomeDir/Details.aspx but he/she can access a view, say, http://myWebsite/ControllerName/ActionMethod.

How can I secure the views using the same existing SQL Membership implementation that works on WebForms on this newly integrated web app.

nam
  • 21,967
  • 37
  • 158
  • 332
  • 1
    You need to place [Authorize] attribute (either on the action method or controller) to protect it. Have you tried that? Any specific error? – SBirthare Feb 25 '14 at 15:55
  • @SBirthare, I tried your suggestion and it worked. But, I have somewhat related issue so I created another post here [link](http://stackoverflow.com/questions/22073534/in-an-asp-net-webforms-and-mvc-integrated-app-the-session-time-outs-earlier-on) – nam Feb 27 '14 at 15:56
  • Just to get this question formally close, adding my comment as answer. If you are happy accept it as answer. – SBirthare Feb 28 '14 at 15:43

1 Answers1

1

You need to place [Authorize] attribute (either on the action method or controller) to protect it.

SBirthare
  • 5,117
  • 4
  • 34
  • 59