Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’ve built a “CRUD” page where it should be one admin only.
I got my admin section in http://example/Admin/action/id, as a singel controller (perhaps not the best way to do it).
But my thought was to use a session and some roles that i put in the Admin controller.
What do you think, is that a good way?
When it comes to security you shouldn’t reinvent the wheel. Using asp.net membership provider will suits for sure. Maybe some customization of membership provider to fit your needs.
You can create roles and assign them to user and after that you can secure pages using decorated [Authorize] attributes or secure for selected users like this