FluentSecurity is an class library to secure your Asp.net website
一、Install
二、Config into Global.asax
private void SetPolicy() { // set security SecurityConfigurator.Configure(config => { config.GetAuthenticationStatusFrom(() => UserVerify.IsUserAuth()); config.For<HomeController>().Ignore(); config.For<UsersController>().AddPolicy(new RolePolicy(Roles.Admin)); config.For<TestPlanController>().AddPolicy(new RolePolicy(Roles.Admin, Roles.Lead, Roles.Guest)); config.For<CollectionsController>().AddPolicy(new RolePolicy(Roles.Admin, Roles.Lead)); config.For<TemplatesController>().AddPolicy(new RolePolicy(Roles.Lead, Roles.Admin)); config.For<AppsController>().AddPolicy(new RolePolicy(Roles.Admin, Roles.Lead, Roles.Guest, Roles.Dev)); config.For<GauntletController>().AddPolicy(new RolePolicy(Roles.Admin, Roles.Lead, Roles.Dev)); //config.For<AdminController>().AddPolicy(new RolePolicy(Roles.Admin)); config.For<ToolsController>().AddPolicy(new RolePolicy(Roles.Admin)); }); GlobalFilters.Filters.Add(new HandleSecurityAttribute(), 0); }
三、Tutorial address
http://blog.mariusschulz.com/2011/12/05/securing-an-aspnet-mvc-application-using-fluentsecurity