On Mar 20, 3:52 pm, Beaker <Bea...@discussions.microsoft.comwrote:
I vaguely recall that ASP.NET 1.1 had a way to specify specific pages and
associate required roles to access those pages.. Is there something similar
to that in ASP.NET 2.0? IE, I would like to say that all pages are open,
except x.aspx, y.aspx, and z.aspx. These pages require roles, a,b,c.. Looking
at the allow element, there is no page or related property..??
Sorry if this was already answered..
Thanks for the help..
In the web.config for a directory or the main one you can setup the
<authorizationpart to do what you need.
If you want to restrict a certain page you need to put the
authorization in a <locationsection for that page or path.
For example:
<location path="x.aspx">
<system.web>
<authorization>
<allow roles="a,b,c" />
<deny users="*" />
</authorization>
</system.web>
</location>