Custom fine-grained claims based authorization system in ASP.NET MVC - wheres and hows
Posted
by BuzzBubba
on Stack Overflow
See other posts from Stack Overflow
or by BuzzBubba
Published on 2010-05-08T08:32:31Z
Indexed on
2010/05/08
8:38 UTC
Read the original article
Hit count: 360
asp.net-mvc
|authorization
|custom-attributes
|security-roles
|claims-based-authorizatio
So, I'd like to implement my own custom authorization system in MVC2.
If I'd have to create a global class, where do I instantiate it? Can HttpContext be extended with my own additions and where do I do that? Should I use Authorization filters for rights validation or ActionFilters or do it within an action? Can ActionFilter pass any data to the action itself?
Previously (in WebForms) I was using a Session object where I would put a serialized object containing essential user data (account id and a list of roles and rights) and I'd extend my own Page class.
© Stack Overflow or respective owner