我想对用户进行授权，以我的控制器中执行特定的操作。我已经找到了 ASP.NET教程这也解释了如何让个人用户来执行具体的行动，但可以这样延伸到安全组？例如，将每个人都属于域\组安全组可以访问GetSecrets动作，如果code是这样的：

I'd like to authorize users to perform specific actions within my controllers. I've found the ASP.NET tutorial which explains how to allow individual users to perform specific actions but can this be extended to security groups? For example, would everyone belonging to the "domain\group" security group have access to the GetSecrets action if the code looked like this:

[Authorize(Users="domain\group")]
public ActionResult GetSecrets()
{ return View(); }

如果没有，我将如何做到这一点？

If not, how would I do this?

推荐答案

您想要使用的Roles属性。请注意，这可能是一个逗号分隔的角色列表。

You want to use the Roles property. Note that this can be a comma-separated list of roles.

 [Authorize(Roles=@"domain\group")]