Role base Authentication in MVC

Question

I am creating role base authentication with User and UserRole Table. But my login page redirect again and again. I can see 302 error in Inspect element utility. Below are source code MyAccount Controller using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Mvc; using System.Web.Security; using EasyApp.Models; namespace EasyApp.Controllers { public class MyAccountController : Controller { // GET: MyAccount [AllowAnonymous] public ActionResult Login() { return View(); } [AllowAnonymous] [HttpPost] [ValidateAntiForgeryToken] public ActionResult Login(Login l, string ReturnUrl = "" ) { using (LPDBContext dc = new LPDBContext()) { var user = dc.Users.Where(a => a.Username.Equals(l.Username) && a.Password.Equals(l.Password)).FirstOrDefault(); if (user != null ) { FormsAuthentication.SetAuthCookie(user.Username, false ); if (Url.IsLocalUrl(ReturnUrl)) { return Redirect(ReturnUrl); } } ModelState.AddModelError( "UserName" , "username or password is incorrect !" ); ModelState.Remove( "Password" ); return View(); } } [Authorize] public ActionResult Logout() { FormsAuthentication.SignOut(); return RedirectToAction( "Index" , "Main" ); } } } Main Controller using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Mvc; namespace EasyApp.Controllers { [Authorize] public class MainController : Controller { // GET: Main [AllowAnonymous] public ActionResult Index() { return View(); } [Authorize] public ActionResult EDPDashboard() { return View(); } [Authorize(Roles = "Admin" )] public ActionResult DPDashboard() { return View(); } [Authorize(Roles = "Admin" )] public ActionResult RTFlim() { return View(); } } } Web.Config File xml version = "1.0" encoding = "utf-8" ?> For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/? LinkId = 301880 -- > configuration > configSections > section name = "entityFramework" type = "System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission = "false" /> configSections > connectionStrings > add name = "LPDBContext" connectionString ="meta data =res://*/Models.EasyAppDB.csdl|res://*/Models.EasyAppDB.ssdl|res://*/Models.EasyAppDB.msl;provider=System.Data.SqlClient;provider connection string="data source = EDP \SQLEXPRESS;initial catalog = LPDB ;persist security info = True ;user id = sa ; password = sa123 ; multipleactiveresultsets = True ;application name =EntityFramework "" providerName = "System.Data.EntityClient" /> connectionStrings > appSettings > --> --> add key = "webpages:Version" value = "3.0.0.0" /> add key = "webpages:Enabled" value = "false" /> add key = "ClientValidationEnabled" value = "true" /> add key = "UnobtrusiveJavaScriptEnabled" value = "true" /> appSettings > system.web > globalization uiCulture = "en" culture = "en-GB" /> authentication mode = "Forms" > forms loginUrl = "MyAccount/Login" /> authentication > roleManager defaultProvider = "myroleprovider" enabled = "true" > providers > clear /> add name = "myroleprovider" type = "EasyApp.WebRoleProvider" /> providers > roleManager > compilation debug = "true" targetFramework = "4.5" /> httpRuntime targetFramework = "4.5" /> pages > namespaces > add namespace = "GridMvc" /> add namespace = "System.Web.Helpers" /> add namespace = "System.Web.Mvc" /> add namespace = "System.Web.Mvc.Ajax" /> add namespace = "System.Web.Mvc.Html" /> add namespace = "System.Web.Optimization" /> add namespace = "System.Web.Routing" /> add namespace = "System.Web.WebPages" /> namespaces > pages > system.web > system.webServer > modules > --> modules > directoryBrowse enabled = "true" /> system.webServer > runtime > assemblyBinding xmlns = "urn:schemas-microsoft-com:asm.v1" > dependentAssembly > assemblyIdentity name = "Newtonsoft.Json" culture = "neutral" publicKeyToken = "30ad4fe6b2a6aeed" /> bindingRedirect oldVersion = "0.0.0.0-6.0.0.0" newVersion = "6.0.0.0" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "System.Web.Optimization" publicKeyToken = "31bf3856ad364e35" /> bindingRedirect oldVersion = "1.0.0.0-1.1.0.0" newVersion = "1.1.0.0" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "WebGrease" publicKeyToken = "31bf3856ad364e35" /> bindingRedirect oldVersion = "0.0.0.0-1.5.2.14234" newVersion = "1.5.2.14234" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "System.Web.Helpers" publicKeyToken = "31bf3856ad364e35" /> bindingRedirect oldVersion = "1.0.0.0-3.0.0.0" newVersion = "3.0.0.0" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "System.Web.Mvc" publicKeyToken = "31bf3856ad364e35" /> bindingRedirect oldVersion = "0.0.0.0-5.2.3.0" newVersion = "5.2.3.0" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "System.Web.WebPages" publicKeyToken = "31bf3856ad364e35" /> bindingRedirect oldVersion = "0.0.0.0-3.0.0.0" newVersion = "3.0.0.0" /> dependentAssembly > dependentAssembly > assemblyIdentity name = "Antlr3.Runtime" publicKeyToken = "eb42632606e9261f" culture = "neutral" /> bindingRedirect oldVersion = "0.0.0.0-3.5.0.2" newVersion = "3.5.0.2" /> dependentAssembly > assemblyBinding > runtime > entityFramework > defaultConnectionFactory type = "System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework" > parameters > parameter value = "mssqllocaldb" /> parameters > defaultConnectionFactory > providers > provider invariantName = "System.Data.SqlClient" type = "System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" /> providers > entityFramework > system.codedom > compilers > compiler language = "c#;cs;csharp" extension = ".cs" type = "Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel = "4" compilerOptions = "/langversion:6 /nowarn:1659;1699;1701" /> compiler language = "vb;vbs;visualbasic;vbscript" extension = ".vb" type = "Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel = "4" compilerOptions ="/langversion:14 /nowarn:41008 /define:_MYTYPE=\" Web \" /optionInfer+" /> compilers > system.codedom > configuration > and My Error User base authentication works but Role base could not works. whats is the reason.....?

Joginder Banger · Answer

try the following link https://dotnettutorials.net/lesson/role-based-authentication-in-mvc/

Raju Fodse · Answer

When I used User base authentication it works, but when I use role base authentication it redirects on login page again and again

Laxmidhar Sahoo · Answer

hi The my previous post call with the bellow code [AuthorizeEnum(Roles.Administrator)] public ActionResult ThePrivilegeZone() { return View(); }

Jignesh Kumar · Answer

Hi, Please use this link, I think you are missing some of web config changes on your code, https://www.c-sharpcorner.com/article/role-based-authentication-in-asp-net-mvc/

Raju Fodse · Answer

I do exaclly but accoridng to above link, but it redirects gain and again

Laxmidhar Sahoo · Answer

using System; using System.Linq; using System.Web.Mvc; namespace MvcApplication.HowTo.Attributes { [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true , AllowMultiple = true )] public class AuthorizeEnumAttribute : AuthorizeAttribute { public AuthorizeEnumAttribute( params object [] roles) { if (roles.Any(r => r.GetType().BaseType != typeof (Enum))) throw new ArgumentException( "roles" ); this .Roles = string .Join( "," , roles.Select(r => Enum.GetName(r.GetType(), r))); } } } [Flags] public enum Roles { Guest = 0, Editor = 1, Author = 2, Administrator = 4 }