authorize

I am using ASP.Net MVC, and I was wondering how can I restrict access to a certain file. I read about using [Authorize] but it applies to controllers and actions. I try to use within the web.config but its extremely advise not to do that cause MVC becomes confuse when seeing multiple . My file is within the base of the application, e.g. /MyApp/MyFile. I would like to do is, when a user navigates to the file. The user will see, correct me if I'm wrong, the HTTP 401 error or something. In order to do this stick the files in a folder under App_Data which will prevent direct access and then you

I would like to use [Authorize(Roles="Admin")] tags on my controller methods. If a user is not an admin I would like to return this user to my login screen. The default behaviour of returning the user to my login page is reroute my user to "Account/Login" using a Get url. The problem is, my website's subpages are all partial views refreshed by Ajax calls, including my login screen. So my question is: Is it possible to alter the class below to return a post redirect instead of a get redirect? public class AjaxAuthorizeAttribute : AuthorizeAttribute { override public void OnAuthorization

I am new MVC 3 user and I am trying to make admin through SQL database. First of all, I have Customer entity and admin can be defined through admin field which is boolean type in Customer entity. I want to make to access admin only in Product page, not normal customer. And I want to make [Authorize(Roles="admin")] instead of [Authorize]. However, I don't know how can I make admin role in my code really. Then in my HomeController, I written this code. public class HomeController : Controller { [HttpPost] public ActionResult Index(Customer model) { if (ModelState.IsValid) { //define user whether

I'm learning MVC4 right now, and I am following the Pro ASP NET MVC4 4th edition book to create a Sports Store project. I have always developed in webforms, and I am trying to figure out how the forms authentication is working in MVC4. Here is what I have achieved: Web.Config <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880"/> </authentication> AccountController login Action: [HttpPost] public ActionResult Login(LoginViewModel model, string returnUrl) { if (ModelState.IsValid) { if (authProvider.Authenticate(model.UserName, model.Password)) { return Redirect

i have some services on ServiceStack and use SignalR in this project. And now, i would like to secure hub connection (access only for authenticated users), but i use ServiceStack framework authentication.. (not asp.net authentication) and ServiceStack's sessions (write AuthUserId ih this session and authentication flag). So, when user trying connect to the hub -- hub must to check authentication... (yes, i can request Cookies from Hub (method OnConnected, for example), but SignalR check authentication in Authorize Attribute - and i must do it in this class (not in hub) ( http://www.asp.net