I am using FormsAuthentication and ASP.NET Memberships and Roles in my ASP.NET project. I have some aspx files which can be viewed / accessed by only authenticated users. I think I can do this using one of the following two ways.
1. Configuring the web.config file. Allow users with roles ‘admin’ and ‘members’ to access those aspx files, and deny all other anonymous users.
2. In page_load events of those aspx files, just checking whether the current user is authenticated or not using
   HttpContext.Current.User.Identity.IsAuthenticated

I am wondering whether these two approaches are equivalent or not for aspx files.
They are not equivalent. Method 1 gives access only to the “admin” and “members” roles. If you add another role, they won’t have access. Method 2 lets any signed-in user access the data.
I think that the preferred way is to organize the aspx files in directories depending on what roles should access them. Then configure access on the directories in web.config.
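
The difference between the two methods, and the directory-based layout suggested in the answer, shown as a web.config sketch. This is an added example, not part of the original posts; the directory names Admin, Members and SignedIn and the login page path are assumptions, and it presumes the role manager is already enabled for the site.

```xml
<?xml version="1.0"?>
<!-- Added example. Directory names and Login.aspx are assumed, not from the post. -->
<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="~/Login.aspx" />
    </authentication>
    <!-- Site default: pages outside the protected directories stay public. -->
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>

  <!-- Rules are read top-down and the first match wins, so the allow
       must come before the catch-all deny. "*" means every user. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="admin" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Method 1 from the question: only the two named roles get in.
       A signed-in user in some other role is still denied. -->
  <location path="Members">
    <system.web>
      <authorization>
        <allow roles="admin,members" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Configuration counterpart of Method 2 (the IsAuthenticated check):
       "?" means anonymous users, so any signed-in user is allowed,
       whatever roles they hold. -->
  <location path="SignedIn">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

Ending a role rule with `deny users="?"` instead of `deny users="*"` would turn it into the Method 2 behaviour, because authenticated users outside the listed roles would fall through to the default allow.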