re:
!I can still get this to work, but only at a single folder level.
Couldn't you try adding a setting to the AppSettings section,
of each web.config you have, which contains the name of the directory it's in ?
i.e. :
<appSettings>
<add key="directory" value="directory_name" />
</appSettings>
Then, it's easy to query the current web.config, or any web.config above it in the application's directory tree,
for the data you want, coupled with the directory's name (presumably so you can can modify it, right ?).
Juan T. Llibre, asp.net MVP
asp.net faq :
http://asp.net.do/faq/
foros de asp.net, en español :
http://asp.net.do/foros/
======================================
"daokfella" <jj******@hotmail.comwrote in message
news:53**********************************@79g2000h sk.googlegroups.com...
That sucks. My application has defined roles and permissions. I use
ASP.Net authentication to lock out folders and files by roles using
the <authorizationsection. My problem is that I'd like to extend the
security so I could also lock out folders and pages by permissions. I
figured I'd still use the <authorizationsection for role-based
security, but if I wanted to grant access to users based on a
permission (permissions are groups into roles), I could use my own
config section. I would modify my Master page to read the config to
see if the page or folder was being restricted by permissions. I'd
then check my user's profile to see if they indeed had that
permission. I had this in mind:
<CustomAuthSettings>
<Locations RedirectUrl="AccessDenied.aspx">
<add Path="Page1.aspx" Permissions="Perm1, Perm2" />
<add Path="Page2.aspx" Permissions="Perm1" />
</Locations>
</CustomAuthSettings>
Of course, I could write code in each individual page to check for a
specific set of permissions, but having it in the web.config along
with the <authenticationsection made better sense for
maintainability. I can still get this to work, but only at a single
folder level.
The ElementInformation.Source property is NOT null if the <location>
existed in the web.config from the same directory. This sort of gets
me where I want to be. But it would be ideal to be able to set
security up the folder tree (e.g., path="subfolder/default.aspx").
Any other ideas?
Jason