How do I write my own AuthorizeTag?

Question

How do I write my own AuthorizeTag?

I am giving up my asp.net membership, so I am assuming I need my own authorization tags (correct me if I am wrong). Since perhaps they all point to membership classes (not sure how to check this).

Now I tried to do this

public class MyTest: AuthorizeAttribute {

protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null) throw new ArgumentNullException("httpContext");

    // Make sure the user is authenticated.
    if (httpContext.User.Identity.IsAuthenticated == false)
    {
        return false;
    }
    else
    {
        return false;
    }
}

}

I then in my defautl view I have this.

FormsAuthentication.SetAuthCookie ("xiao", true);

Then I look at another view

[MyTest ()] public ActionResult () {return View (); }

Then I go to this view and I can still access it. I can see that it is putting this in the url

"LogOn?ReturnUrl=%2fHome%2fAbout"

but on the bottom line, I can still see the page (and all content). When I see that at least you are not logged in or something.

what am I doing wrong?

thank

Ok, now it works, but I still don't know how to play the roles.

+2

c # .net asp.net asp.net-mvc asp.net-membership

xiao 28 Sep '09 at 2:58

source to share

2 answers

A Custom role provider would be helpful ...

0

The king 29 Sep 09 at 10:19

source to share

rick schott · Accepted Answer · 2009-09-28T16:00:02+0000

You can implement a custom membership provider and save you a lot of grief.

How do I write my own AuthorizeTag?

More articles: