We can use forms authentication or windows authentication on the Controller Class or Controller Action method. In both cases, we have to use [Authorize] attribute. When [Authorize] is applied on Controller class the entire class is available only for Authorized users. No anonymous user is allowed. But in some cases, if we want few action methods are open for the anonymous user then we can apply [AllowAnonymous] attribute on respective action methods.
[Authorize]
public class HomeController : Controller
{
public ActionResult Method1()
{
return View();
}
[AllowAnonymous]
public ActionResult Method2()
{
return View();
}
}
In the above example, Method1 is restricted for anonymous users and Method2 is open to all type of users.
[Authorize]
public class HomeController : Controller
{
public ActionResult Method1()
{
return View();
}
[AllowAnonymous]
public ActionResult Method2()
{
return View();
}
}
In the above example, Method1 is restricted for anonymous users and Method2 is open to all type of users.
No comments:
Post a Comment