[SOLVED] Link security trimming in asp.net mvc

Link security trimming in asp.net mvc

I would like to show some links only to authenticated users in an asp.net mvc web application.

I use the template for an asp.net mvc web application in Visual Studio 2008 that came with the beta release of asp.net mvc.
I use forms authentication.
I would like to add something like the following to an existing view:

<a href="/Account/ChangePassword">Change password</a>

and only show the link to users who are logged in.

What is the simplest way to do that? I would like something as simple as security trimming of the web.sitemap that I have tried with asp.net web forms. (Can that be used with mvc? Or is it only for web forms?)

Solution

The following should work. You'll also need to do something similar in the controller action for this in case the user inputs the URL by hand in their browser. Or, as you say, you could restrict access to the action in the web.config.

 <% if (HttpContext.Current.Request.IsAuthenticated) { %>
    <a href="/Account/ChangePassword">Change password</a>
 <% } %>