Hi
I ditching asp.net membership so I am guessing I need my own authorize tags(correct me if I am wrong). Since probably the ones they have all point to the membership classes(Not sure how to verify this though).
Now I tried to do this
public class MyTest : AuthorizeAttribute {
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null) throw new ArgumentNullException("httpContext");
// Make sure the user is authenticated.
if (httpContext.User.Identity.IsAuthenticated == false)
{
return false;
}
else
{
return false;
}
}
}
I then in my defautl view I have this.
FormsAuthentication.SetAuthCookie("xiao", true);
I then have on another view
[MyTest()] public ActionResult About() { return View(); }
I then go to this view and I am still able to access it. I see that it puts this in the url
"LogOn?ReturnUrl=%2fHome%2fAbout"
but bottom line it is I still can see the page(and all the content). When I should see just at the very least your not authorized or something like that.
what am I doing wrong?
Thanks
Ok it seems to work now but I still don't know how to pass in roles.