protected override void Application_AuthenticateRequest (object sender, EventArgs e)
{
var context = HttpContext.Current;
var currentNode = SiteMap.CurrentNode;
var resourceType = Path.GetExtension(context.Request.Url.AbsolutePath).Replace(".",
string.Empty).ToLower();
if (resourceType == "aspx" && currentNode != null && context.User != null)
{
if (currentNode.Roles.Count == 1 && (string.Compare("*",
currentNode.Roles[0].ToString().Trim()) == 0))
return;
if (!currentNode.Roles.Cast<string>().Any(role => context.User.IsInRole(role)))
FormsAuthentication.RedirectToLoginPage();
}
}
Wednesday, July 11, 2012
Will Hendrix's AOPesque means for redirecting users without appropriate permissions from accessing forbidden content at Global.asax
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment