Last post Jun 12, 2006 04:45 AM by Moe Tarhini
Jun 12, 2006 04:45 AM|Moe Tarhini|LINK
The solution is to implement your own HTTP Module and determine the allow / deny security based upon the
roles attribute in the Web.sitemap file. This works in conjunction with ASP.NET 2.0's built-in security.
Add the following code to your web.config file inside the
<system.web> node. This will allow you to intercept requests to all pages before processing, allowing you to force the
<httpModules> <add name="SecurityHttpModule" type="Joel.Net.SecurityHttpModule" /></httpModules>
Here's the code that performs all the magic...
View Source Code
Senior Software Engineer