I've got a web service where different methods require different roles,
and I'm trying to enforce that now.
I've worked out *one* way of doing things, using
PrincipalPermissionAttribute - but that ends up with a response of 500
rather than a 403.
What's the best way of demanding roles for execution of individual web
methods? Obviously I can write a CheckRole method which sets the
response code appropriately, but then if I'm executing a method which
takes parameters, how do I tell the web method not to write all the
rest of the normal response out? Response.End()?
--
Jon Skeet - <sk***@pobox.com>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too