使用AD MVC3授权 [英] MVC3 authorization using AD

问题描述

是否有可能批准/拒绝使用反倾销的MVC3应用程序的用户？

Is it possible to authorise/deny users of an MVC3 application using AD?

我的应用程序使用目前的Windows身份验证安全，但是这意味着将用户添加到组Win2007服务器上。

My app is secured using Windows authentication at the moment, but that means adding users to groups on the Win2007 server.

我想改变这种状况，使用户被允许/拒绝访问应用的新/和控制器动作/视图根据他们的广告，而不是角色，所以他们要么自动登录（如Windows身份验证），或者他们重定向一个被拒绝页面。

I'd like to change that so that users were allowed/denied access to the appliction/and controller actions/view based upon their AD roles instead, so they either auto-logged in (like Windows auth) or they get redirected to a "denied" page.

任何帮助非常感激地接受......一切，我觉得似乎是基于Windows组，或窗体身份验证。

Any help very gratefully accepted...everything I find seems to be based upon Windows groups, or forms authentication.

推荐答案

您可以使用角色属性：

[Authorize(Roles = @"SOMEDOMAIN\somegroup")]
public ActionResult Foo()
{
    ...
}

下面是一个教程这也解释了步骤。

Here's a tutorial which explains the steps.

这篇关于使用AD MVC3授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！