Can we override the Authorization Module to write custom access rules? (.NET 2.0)

D

dorionda

Hi everyone,

Is it possible to override the Authorization Module so that I could add
a custom parameter to the <allow> tag in the Web.Config?

example:

<configuration>
<system.web>
<authorization>
<allow usersInGroup="Group A"/> /*<< custom parameter here */
<allow roles="student"/>
<deny users="*"/>
<deny roles="*"/>
<deny usersInGroup="*"/>
</authorization>
</system.web>
</configuration>
 
J

Joe Kaplan \(MVP - ADSI\)

You would need to write your own. It is not inhertible.

Have you considered just adding "Group A" to the user's roles? You could
add a shim module that would run after authentication that would create a
new IPrincipal and stuff some additional roles in there or something.

Joe K.
 
D

Dominick Baier [DevelopMentor]

i don't see a difference between roles and usersInGroup???!!!
 
J

Joe Kaplan \(MVP - ADSI\)

Perhaps he can elaborate on what he is trying to do? Maybe there is some
hybrid of application-specific roles he is generating and AD groups and we
wants to use both or something? It isn't clear to me. It still seems like
a composite IPrincipal object would be the way to go.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top