one question that's answer i didn't get in any where. if roles are created in runtime by administrator and that role name we dont know then how to set access of controller and action with that role. you are assigining role here manually with control level and action level. pl help me urgently. thanks in advance
any luck with that ? The only idea I can think of is on every page use [Authorize(Role="the actual page name")] and not use custom roles but set of pages names as roles just to access the page and then protect some buttons like create,edit and delete using other roles so the roles for page called product -products -products.create -products.edit -products.delete