Home/ Questions/Q 7169721
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T15:03:59+00:00

I have a multi-language .Net 4 webforms site (www.example.com/en/, www.example.com/fr/ etc.) and each language

  • 0

I have a multi-language .Net 4 webforms site (www.example.com/en/, http://www.example.com/fr/ etc.) and each language has a member area, e.g. http://www.example.com/en/members/ and http://www.example.com/fr/members/

A CMS (Umbraco) has control over language branches and content, and therefore has control over adding or removing them. This means that I cannot use the <location> sections in the root web.config to deny anonymous access to each members branch as they may be published after the application has started.

Is there any way to add a ConfigurationLocation section to the Locations property of a System.Configuration.Configuration instance after an application has started, without restarting the application? Alternatively, is there a more flexible way to control path access at runtime?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The solution I used was to create a HttpModule. But with a HttpModule in umbraco, you can not easily retrieve the currentNodeId as this is added as part of a different process.

    The module carried out the following checks on the PostAuthenticateRequest event:

    1. Is the requested path a reserved path in umbraco?
    2. Is the user authenticated already?

    If these two both returned false

    1. Using the request domain, I retrieved the root node id by finding the node with the matching asscociated domain;
    2. I then created a xpath query using the parts of the requested path but that existed underneath the node with the id retrieved above. This query gave me the current node;
    3. I then checked whether the current node existed as a descendant of a node flagged as requiring authentication.
    • 0