Re: How to determine authorized roles for a page?



Where is this information stored? In the web.config??

If yes you can use the config API to parse it.


this:
AuthorizationSection section = (AuthorizationSection)Context.GetSection("system.web/authorization");

should get you started.


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

"Dominick Baier" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message news:51eb304810c1f8c96ffe631bbd60@xxxxxxxxxxxxxxxxxxxxx

you can do do that using the <authorization> element in web.config -
or

imperatively

usign Page.User.IsInRole to grant/deny access to a page.

Dom:

Thanks. Got that part already. As Alexey said, I need to determine
what Roles are permitted to access a page.



.