RE: Permission check for secured subfolders?

From: David Coe, MCAD (DavidCoeMCAD_at_discussions.microsoft.com)
Date: 07/14/04


Date: Tue, 13 Jul 2004 20:00:02 -0700

It seems like there are a couple options to what you are trying to accomplish. You can either set up the relationships on the database side. IE, user A belongs to group A. Group A has links 1,2,3,4 associated with it. Get the group name associated with the user at login, then get the appropriate links. OR, you could hold a Session variable that checks the user group/link association, and only display the links associated with each group by showing and hiding panels.

"TK" wrote:

> I'm building an ASP.NET application works in Forms Authentication mode with
> custom user account database. And it shows clients a list of hyperlinks to
> content pages located in some separated subfolders. This application and
> content pages are entirely secured, so everyone must logon to the
> application. The application pages and most of content pages are accessible
> for every authenticated clients but some of content pages in some specific
> subfolders are served for specific users and groups only. I'm using URL
> authorization to achieve this. Everything works fine now.
>
> Now what I'm attempting to do is, hide/remove hyperlinks to unacceptable
> contents from the contents list page. To do this, I want to test client's
> access right for every subfolders at server side Page_Load() function, so
> that avoid client user's useless operation. I don't want to show clients the
> access forbidden message any more.
>
> How can I do it?
> Help me please.
>
> best regards,
> TK
>
>