Assignment #9 Security in MVC
Objectives
Learn how to implement role based security in ASP.NET MVC
Assignment
You will need to be able to implement user security to your site. You will need to select an authentication model and provide at a minimum role-page access. You may select to store your own accounts, use OAuth to allow login with Facebook or Google accounts.
(1) Document and determine the type of security and authentication you desire. You can submit a word, pdf, or write this up on the BB
(2) Implement the security allowing only authenticated access to specific pages that you can demonstrate.
Information
The implementation of the security for the site is not extremely challenging and involves simple addition of code to control access at the controller level. The importance of good access control is, however, extremely important. Good understanding of the different ways to present security and the use of user level access and role based securities in web systems is an important topic.
I highly recommend going through the full documentation of the identity model – http://www.asp.net/identity
Estimated Completion Time
Supporting Lectures
Questions and Answers
External Resources
A really good video that will get you completely through this is at – http://pluralsight.com/training/Player?author=scott-allen&name=aspdotnet-mvc5-fundamentals-m3-identity&mode=live&clip=0&course=aspdotnet-mvc5-fundamentals
A good article that covers the Microsoft authentication model step by step is here – https://code.msdn.microsoft.com/ASPNET-MVC-5-Security-And-44cbdb97