mvc 3 session and authorizeAttribute

Question

My site is open to all but i have a controller with some method that only the manager with the user and password can enter. I\'m saving the bool IsManager in a

Answer 1

To keep this in line with ASP.NET security you should add the IsManager role to your membership/role system, then add that user to the role. No hacking required then and you can use the built in Authorize attribute.

Are you using the built in membership providers? If so this would be a snap.