How can i secure the Rss feed for private viewing?
+1
A:
You can secure the feed the same way you would any other file, via the web.config. Something along the lines of:
<configuration>
<system.web>
<authentication mode="Forms">
<forms name=".AUTH" loginUrl="login.aspx" protection="All" timeout="60">
<credentials passwordFormat="MD5">
<user name="admin" password="" />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="?" />
<allow users="*" />
</authorization>
</system.web>
<location path="feed.xml">
<system.web>
<authorization>
<allow users="admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>
Greg Shackles
2010-03-10 03:57:30
+1
A:
If you have controller action and use builtin authorization then decorate action result with [Authorize] attribute:
[Authorize (Users="List of users", Roles="List of roles")]
RssActionResult RssFeed(params)
{
}
LukLed
2010-03-10 04:22:48