3.LogOn方法中的使用
[HttpPost]public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { if (Membership.ValidateUser(model.UserName, model.Password)) { FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return Redirect(returnUrl); } else { FormsAuthentication.RedirectFromLoginPage(model.UserName, false); //return RedirectToAction("Index", "PatientAdmin"); } } else { ModelState.AddModelError("", "The user name or password provided is incorrect."); } } // If we got this far, something failed, redisplay form return View(model); }4.继承AuthorizeAttribute属性, 重载boolAuthorizeCore(HttpContextBasehttpContext)方法,在方法中调用权限管理的接口。