Looking for a custom authorization solution for a asp.net mvc 3 application with sql server 2008. I dont want to use the ASPNETDB.mdf though.
At the moment I am trying to use a customactionfilter but I dont know how to return a boolean here. Does anyone have a good sample of a similar scenario?
public class CustAuthFilterAttribute : ActionFilterAttribute, IActionFilter
{
public string Roles {get;set;}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//return true/false based on Role the user has
base.OnActionExecuting(filterContext);
}
}
You should be deriving from AuthorizeAttribute if you want to implement custom authorization.
This answer gives you a short example in how to use it.
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
// check context and roles
...
return true;
}
}