Asp .net mvc authorizationHi,
What is the best way to protect certain areas of your web application in asp .net mvc. I know we can put [Authorization] attribute at each action, but this seems very tedious since you have to put it all over the place. I'm using membership provider and trying the way I used to do in postback model by setting this protection based on the folder. I use web.config <location> section to protect some folders. I tried this in MVC, it seems to be working, but most of tutorial uses the [Authorization] way.
Which one is the better method?