c# - Can user authorization be set on a per-controller basis in web.config? (cannot use AuthorizeAttribute) -


i have web api 2 app using windows auth. have multiple controllers , in web.config authorization:

<system.web>     <compilation debug="true" targetframework="4.5" />     <httpruntime targetframework="4.5" />     <authentication mode="windows" />     <authorization>       <allow users="allowedusersandgroups" />       <deny users="?" />     </authorization>     <sessionstate mode="off" />   </system.web>

this "blanket" authorization works great, but have 2 specific controllers need lock down differently: want specify different users authorized hit these 2 controllers.

the obvious answer use [authorize()] attribute on controller classes, cannot use attribute because using per-environment (dev-uat-prod) xml transforms web.config , need able change users authorized on these controllers in each environment.

so, possible specify authorization individual controllers in web.config file?

i open other solutions long allow authorizing different users when app deployed in each environment (dev-uat-prod).

thanks!

in our environment use approach:

the names of active directory groups stored in app-settings. these names different per environment.

next created subtype of authorizeattribute called authorizewritersattribute this:

public class authorizewritersattribute : authorizeattribute  {     public      {         roles = configurationmanager.appsettings["solutionname:authorizedwriters"];         // removed dependency on configurationmanager brevity suffices.     } }

finally apply attribute our controllers:

[authorizewriters] public class blogcontroller : controller {     .... }

we use ad-groups ad-accounts should work well.


Comments

Post a Comment

Popular posts from this blog

1111. appearing after print sequence - php -

morning, i have code takes string of shoe sizes, explodes , puts in table. code works , info displayed correctly on page after table there few 1's after table. i'm confused this. so table looks (in columns of 3 on webpage) available in following sizes: 3 4 5 6 9 10 111 here's codes, purpose of example $x = 3|4|6|10|9 function get_sizes_pipe($x) { $counter = 0; $splits = explode("|",$x); asort($splits); $x = print "<table class='greentable'>"; $x .= print "<thead><tr><th scope='col' colspan='3' abbr='starter'>available in following sizes:</th></tr></thead><tbody><tr>"; foreach ($splits $split) { $entry = print "<td>".$split."</td>"; if($counter == 2){ $entry .= print "</tr><tr>"; $counter =0; } else { $counter++; ...
Read more

java - WARN : org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/board/] in DispatcherServlet with name 'appServlet' -

this question has answer here: why spring mvc respond 404 , report “no mapping found http request uri […] in dispatcherservlet”? 3 answers i trying making simple bbs i'm encountering following error, warn : org.springframework.web.servlet.pagenotfound - no mapping found http request uri [/board/] in dispatcherservlet name 'appservlet' i have tried solve error many times, have failed. how can solve error? here web.xml, controllerand , servlet-context. my web.xml <?xml version="1.0" encoding="utf-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <filter> <filter-nam...
Read more

Ruby on Rails, ActiveRecord, Postgres, UTF-8 and ASCII-8BIT encodings -

weirdest error, who’s challenge try , me? spent hours yesterday on , it’s magic. can't believe happening , it's driving me crazy. btw, using: rails 4.2.3 ruby 2.2.3 pg 0.18 encoding.default_internal = encoding.default_external = utf-8 config.encoding = 'utf-8' it has postgres, activerecord , encodings! turns out we’ve been getting these errors whenever create new users on database special characters: encoding::undefinedconversionerror: "\xc3" ascii-8bit utf-8 \xc3 may vary depending on characters. weird part we’ve set since beginning utf-8. makes no sense , digged it, , used script: user.all.each |user| user.attributes.each |name, value| if value.is_a? string puts user.email + name.encoding.to_s + value.encoding.to_s end end end and output of 1 of users, users same: dr_lottahelp@blahblah.comutf-8utf-8 dr_lottahelp@blahblah.comutf-8ascii-8bit dr_lottahelp@blahblah.comutf-8ascii-8bit dr_lottahelp@blahblah.comutf-8asci...
Read more