I understand that in mvc to implement role based security at the controller or action level for my site I could paint the class or method with something like the following:
[Authorize(Roles = "DOMAIN\GROUPNAME")]
(I use windows authentication)
Previously in asp.net I might have done this with a location section in the config.
The problem I have with doing this is that this site is installed in various environments in the company and for each environment that value could be different.
Is there a way to give these roles an alias with a mapping in the config? Or have I got something wrong here?
EDIT
I tried:
[Authorize(Roles=ConfigurationSettings.AppSettings["UpdateRole"])]
But this gives me the error: "An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type"