ASP.NET MVC > Authentication and Authorization

Securing controller action methods in ASP.NET MVC

How to mark a controller to be accessed only by logged in user?

To mark a controller to be accessed only by a logged in user, we can use Authorize attribute.


public class AuthorizeController : Controller

    public ActionResult Index()
        return View();

Above controller action method will only be accessible to those user who are logged in to the application. Despite Index method doesn’t have Authorize attribute but this method will not be available to the anonymous user as the Authorize attribute is written at the Controller level so all action method inside the controller will be secure.

 Views: 2916 | Post Order: 79

Write for us