Home/ Questions/Q 6234909
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T10:34:39+00:00

How do I go about Authorization in MVC 2? I want to use AD

  • 0

How do I go about Authorization in MVC 2?

I want to use AD groups/roles rather than the default that is provided. That seems to be “AspNetSqlMembershipProvider”.

Anyway I put :

[Authorize(Users = "username")]
        public ActionResult About()
        {
            ViewData["Welcome"] = "Welcome About";

            return View();
        }

And then loading the page gives me: The connection name ‘ApplicationServices’ was not found in
the applications configuration or the connection string is empty.

Line 34:       <providers>
Line 35:         <clear />
Line 36:         <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
Line 37:       </providers>
Line 38:     </membership>

I read this stackoverflow, but after creating a custom class AuthorizationAttribute extending ActionFilterAttribute ContextCache, IoC and a number of other things could not resolve, and not really sure where to go from there. I also read this stackoverflow and it suggests going about it differently, starting to get confused.

How do I go about using AD groups rather than AspNetSqlMembershipProvider in MVC app ?

Bonus question: Say I have a “Edit” button a page. Can I add logic to decide whether to render this button based on the Authorization ?

Thank you for your help.

Edit: some further information.

I do not intend to block or allow ALL access to this site.

I intend to have 3 basic user groups differentiating level of access, i.e. Super Admin, Admin,
Basic Access.

There will be no log in form, when the user hits the site we will check which group the user is a member of- then the page renders based on that.

So for example, user ‘bob’ in ‘Basic Access’ group will hit the page and buttons/actions like “Edit”, “Delete” are disabled, so basically a read only group. But user ‘jim’ in group ‘Super Admin’, has all actions/buttons available to him. How could I achieve this ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should look into Windows Authentication

    Still use the Authorize attribute on your controllers/actions, but configure your site to use Windows Authentication instead.

    Bonus answer: To check authentication and authorization in code, you can use one of the following from a controller:

    this.User.Identity.IsAuthenticated
this.User.Identity.Name
this.User.IsInRole("roleName")
    • 0