0

I am trying to create a thesis repository where the client side and admin side will have different url like Client - thesisrepo (at) domain (dot) com, and Admin - managerepo (at) domain (dot) com but they will connect to the same context, which is ThesisRepoContext.

  1. Is this design recommended? Cause I don't want the clients to access the admin side (of course) by url, so I'm thinking of separating its address.
  2. Is this possible? Is it possible to deploy two websites connecting to one database context? If yes, how?

Thanks in advance

Improve this question

1 Answer 1

Reset to default
1

I would move database context into a separate assembly for reusing it between sites. Also, I would use role based authorization to split access. BTW in this case there are no security reasons to use two separate sites.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Security-wise no, but I would still opt for two separate sites for ease of maintenance and separation purposes.
Agree with you. Keeping one site for all make sense when your admins could have user role as well. In this case you could show site content depending on roles assigned to current user.
Thanks for this clear answer. I'm just a bit confused because what if the client will try to access thesis (dot) domain (dot) com / Administrator. Anyway, thanks again
Mark a method or entire controller with AuthorizeAttribute. This will automatically check if your client has a particular role and return 401 if doesn't. See some examples here: msdn.microsoft.com/en-us/library/… Also note that in MVC prior 6th version are two different AuthorizeAttribute classes: one for MVC and one for WebAPI.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.