I have a project that uses Role based authentication to control access to a number of areas. In previous versions I was able to control this via attributes such as those in the title of this post however in VS2013 with MVC5 these no longer appear to work. Although the user is in a role I always get a 401 error returned; The [Authorise] and [Authorise(Users="userName")] versions do work.
I did suspect the issue was with the way I manually added the roles to the AspNetRoles table but I am sure role management is working as a call to UserManager.IsInRole(user.id, "roleName") works as expected. (I am using this as a workaround at the moment)
I have not been able to find any examples of usage under the new Identity management system and, unfortunatly, Microsoft seem to have stoped providing examples on their documentation.
So I guess the question is:- should this work out of the box using Microsoft.AspNet.Identity? if not what am I missing? If there is an alternative what is it?
If anyone out there has implimented this and could provide steps and an example I would be greatful.
Alan Bell