Can you find out which web.config contained your setting?

tree. This seems like the behavior I want. However, I have no clue

from which web.config file the location came from. I need to know this
information because I want to correctly figure out the resolved path
of each location's path attribute.

Simple Answer: No.

The ConfigurationManager gives the unified result.
--
Happy Hacking,
Gaurav Vaish
http://blogs.mastergaurav.com
http://eduzine.edujini-labs.com
---------------------------

That sucks. My application has defined roles and permissions. I use
ASP.Net authentication to lock out folders and files by roles using
the <authorizationsection. My problem is that I'd like to extend the
security so I could also lock out folders and pages by permissions. I
figured I'd still use the <authorizationsection for role-based
security, but if I wanted to grant access to users based on a
permission (permissions are groups into roles), I could use my own
config section. I would modify my Master page to read the config to
see if the page or folder was being restricted by permissions. I'd
then check my user's profile to see if they indeed had that
permission. I had this in mind:

<CustomAuthSettings>
<Locations RedirectUrl="AccessDenied.aspx">
<add Path="Page1.aspx" Permissions="Perm1, Perm2" />
<add Path="Page2.aspx" Permissions="Perm1" />
</Locations>
</CustomAuthSettings>

Of course, I could write code in each individual page to check for a
specific set of permissions, but having it in the web.config along
with the <authenticationsection made better sense for
maintainability. I can still get this to work, but only at a single
folder level.

The ElementInformation.Source property is NOT null if the <location>
existed in the web.config from the same directory. This sort of gets
me where I want to be. But it would be ideal to be able to set
security up the folder tree (e.g., path="subfolder/default.aspx").

Any other ideas?

Jason

re:
!I can still get this to work, but only at a single folder level.

Couldn't you try adding a setting to the AppSettings section,
of each web.config you have, which contains the name of the directory it's in ?

i.e. :

<appSettings>
<add key="directory" value="directory_name" />
</appSettings>

Then, it's easy to query the current web.config, or any web.config above it in the application's directory tree,
for the data you want, coupled with the directory's name (presumably so you can can modify it, right ?).

Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"daokfella" <jj******@hotmail.comwrote in message
news:53**********************************@79g2000h sk.googlegroups.com...

That sucks. My application has defined roles and permissions. I use
ASP.Net authentication to lock out folders and files by roles using
the <authorizationsection. My problem is that I'd like to extend the
security so I could also lock out folders and pages by permissions. I
figured I'd still use the <authorizationsection for role-based
security, but if I wanted to grant access to users based on a
permission (permissions are groups into roles), I could use my own
config section. I would modify my Master page to read the config to
see if the page or folder was being restricted by permissions. I'd
then check my user's profile to see if they indeed had that
permission. I had this in mind:

<CustomAuthSettings>
<Locations RedirectUrl="AccessDenied.aspx">
<add Path="Page1.aspx" Permissions="Perm1, Perm2" />
<add Path="Page2.aspx" Permissions="Perm1" />
</Locations>
</CustomAuthSettings>

Of course, I could write code in each individual page to check for a
specific set of permissions, but having it in the web.config along
with the <authenticationsection made better sense for
maintainability. I can still get this to work, but only at a single
folder level.

The ElementInformation.Source property is NOT null if the <location>
existed in the web.config from the same directory. This sort of gets
me where I want to be. But it would be ideal to be able to set
security up the folder tree (e.g., path="subfolder/default.aspx").

Any other ideas?

Jason

Not sure what is the first problem you are trying to solve but it might
worth to check how this is done for
http://msdn.microsoft.com/en-us/library/6hbkh9s7.aspx.

Using the same mechanism would allow to define things for a particular path
file tiehr using multiple web config files or by using a single config file
with a location tag. You don"t care were it comes physcially. you just care
about the location parent element...

--
Patrice

"daokfella" <jj******@hotmail.coma écrit dans le message de groupe de
discussion :
53**********************************...oglegroups.com...

That sucks. My application has defined roles and permissions. I use
ASP.Net authentication to lock out folders and files by roles using
the <authorizationsection. My problem is that I'd like to extend the
security so I could also lock out folders and pages by permissions. I
figured I'd still use the <authorizationsection for role-based
security, but if I wanted to grant access to users based on a
permission (permissions are groups into roles), I could use my own
config section. I would modify my Master page to read the config to
see if the page or folder was being restricted by permissions. I'd
then check my user's profile to see if they indeed had that
permission. I had this in mind:

<CustomAuthSettings>
<Locations RedirectUrl="AccessDenied.aspx">
<add Path="Page1.aspx" Permissions="Perm1, Perm2" />
<add Path="Page2.aspx" Permissions="Perm1" />
</Locations>
</CustomAuthSettings>

Of course, I could write code in each individual page to check for a
specific set of permissions, but having it in the web.config along
with the <authenticationsection made better sense for
maintainability. I can still get this to work, but only at a single
folder level.

The ElementInformation.Source property is NOT null if the <location>
existed in the web.config from the same directory. This sort of gets
me where I want to be. But it would be ideal to be able to set
security up the folder tree (e.g., path="subfolder/default.aspx").

Any other ideas?

Jason

Patrice,

I think this is just what I need. I'll just reconfigure my custom
settings section to something like this:

<CustomAuthSettings RedirectUrl="AccessDenied.aspx"
Permissions="Perm1,Perm2" />

and place it in a <locationsection. Thanks.

Jason