My current project is an internal web application built using ASP.Net MVC which I am adding authentication to. I have a pre-built HTTPModule which creates an IPrincipal with
Well, in the end I think my answer was in the question. Instead of putting the Authorize attribute on my base controller, I have derived a new AdminBaseController.
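using System.Web.Mvc;
// Public base: error handling only, no authorization requirement.
[HandleError]
public abstract class MyControllerBase : Controller
{
    // ...
}
// Admin base: [Authorize] is inherited, so every derived controller requires the Admin role.
[Authorize(Roles = "Admin")]
public abstract class AdminControllerBase : MyControllerBase
{
    // ...
}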
Now any controllers that require authentication can derive from AdminControllerBase while my public controllers can derive from MyControllerBase. OO to the rescue.
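An added example, not part of the original post: with this layout a controller is protected only if it derives from the admin base, so a controller that derives from MyControllerBase by mistake is silently public. The audit below lists concrete controllers that have no class-level [Authorize] (declared or inherited) and are not on an explicit allow-list; HomeController, UsersController, ReportsController and AuthorizationAudit are hypothetical names constructed for the example, and it assumes a reference to System.Web.Mvc.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;

// Base classes as in the post above.
[HandleError]
public abstract class MyControllerBase : Controller { }

[Authorize(Roles = "Admin")]
public abstract class AdminControllerBase : MyControllerBase { }

// Hypothetical controllers, constructed for this example.
public class HomeController : MyControllerBase { }      // intentionally public
public class UsersController : AdminControllerBase { }  // protected via inheritance
public class ReportsController : MyControllerBase { }   // wrong base: unintentionally public

public static class AuthorizationAudit
{
    // Returns concrete controllers with no class-level [Authorize]
    // (declared or inherited) that are not on the public allow-list.
    // Action-level [Authorize] attributes are not considered here.
    public static IList<Type> FindUnprotected(IEnumerable<Type> types,
                                              ISet<Type> publicAllowList)
    {
        return types
            .Where(t => typeof(Controller).IsAssignableFrom(t) && !t.IsAbstract)
            .Where(t => !t.GetCustomAttributes(typeof(AuthorizeAttribute), true).Any())
            .Where(t => !publicAllowList.Contains(t))
            .ToList();
    }

    public static void Main()
    {
        // Controllers that are meant to be reachable without authentication.
        var allowList = new HashSet<Type> { typeof(HomeController) };

        var unprotected = FindUnprotected(
            typeof(AuthorizationAudit).Assembly.GetTypes(), allowList);

        foreach (var t in unprotected)
            Console.WriteLine("No [Authorize] and not allow-listed: " + t.FullName);

        // A non-zero exit code lets a build step fail on an unexpected public controller.
        Environment.Exit(unprotected.Count == 0 ? 0 : 1);
    }
}
```

Run as a build step or wrapped in a unit test, this turns the opt-in design into one where every public controller has to be listed deliberately.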