Hi, I am planning a new portal solution in ASP.NET MVC. I need to be able to have some parts of the site visible for everyone (public part) and a part where only registered users are allowed to visit. In traditional Web Forms the security was made on folder level, but how about ASP.NET MVC? Could someone please explain me how to do this - or if its more beneficial to go the web forms way.
/H4mm3rHEad
Check out this link:
http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/
Take a look at this post talking about the AuthorizeAttribute. It can be applied to specific actions or an entire controller.
Security is mostly done on the Controller or Action level via attributes. More information on the Authorize attribute can be found here:
You can easily see how it works by going File-> New MVC project and checking out the AccountController.cs file inside the /Controllers/ directory.
Be aware the answers by Vitaly and Agent_9191 are not current and reference mostly preview MVC builds. Those articles may reference code and or functionality that does not exist or has been depreciated.