Home/ Questions/Q 9204043
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T23:36:45+00:00

My question is almost similar to this ASP.Net Roles: Page-Level Security Question except for

  • 0

My question is almost similar to this
ASP.Net Roles: Page-Level Security Question
except for the fact that I’m not using asp.net membership, What I have done is I have created roles and assigned pages to roles, menus are also populating according to the user’s role. I want to restrict user to access pages by simply typing the PageName.aspx , One solution might be checking on every page load, but I don’t think it’s efficient. I have googled but only found solutions for adding <location path="Logon.aspx"> to restrict, I have to add this for every page in web.config, which defeats the whole purpose of keeping this thing dynamic, I am using Form Authentication, Some are suggesting creating a Base Class and derive other pages from that class, I think there may be some global.asax way to acheive this, but have no idea. Please suggest me best approach to achieve this !

P.S : I am not using ASP.NET Membership

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    finally, what I did is I checked access of Pages for every user on MasterPage’s Page_Load using a method name IsPageAssignedToRole() to check 

            string requestedPage = Request.Url.Segments[Request.Url.Segments.Length-1];
        if (requestedPage != "UnAuthorized.aspx")
        {
        AdminUserAuthInfo au = (AdminUserAuthInfo)Context.Items["AdminUserAuthInfo"];
        int current_role= int.Parse(au.Roles[0].ToString());
        if (!AdminRole.IsPageAssignedToRole(current_role, requestedPage))
        { Response.Redirect("UnAuthorized.aspx",true); }
        }
    • 0