I have an MVC 4 application which is open to all users, no login needed. There is one controller only which I need to apply Windows Authentication to via a Web.Config, like this:
<authentication mode="Windows" />
<authorization>
<allow users="domain\jsmith" />
<deny users="*" />
</authorization>
The controller would MySite.Com/MyApp/MyAdminReportController
If this is possible, how?
I think you just need Windows auth and specify paths which are only need authorization. If you don't need Forms auth as well it looks like this:
<configuration>
...
<system.web>
......
<authentication mode="Windows">
</authentication>
</system.web>
<location path="MyAdminReport">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
This is web config approach, other options is adding [Authorize] attribute to your controllers (even not hole controller you can add this attr for only specific actions too).
[Authorize]
public class MyAdminReportController : Controller
{
//[Authorize]
public ActionResult PrivatePage()
{
return View();
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.