Restrict pages

Discussion in 'ASP .Net Security' started by David Thielen, Jun 2, 2006.

  1. 8. I want to set the system so authenticated users who are not a member of
    one Role/Group can only get to 3 pages. And that users who are not a member
    of the admin role/group cannot get to the admin page and the admin menu tab
    does not show. What is the best way to do this – where I may be using windows
    authentication (so it’s Active Directory groups) and I may be using
    AspNetSqlMembershipProvider.

    --
    thanks - dave
    david_at_windward_dot_net
    http://www.windwardreports.com
    David Thielen, Jun 2, 2006
    #1
    1. Advertising

  2. Hi Dave,

    As for the setting authorization restriction for individual or certain
    group of pages, you can consider using the <location> configuration element
    which can help configure some particular settings for a certain path (such
    as individual page or a certain sub directory). Also, if a certain set of
    pages (which need the same authorization protection) are in the same sub
    directory, you can also use a sub web.config in that directory to set the
    <authorization> rules:

    #How to: Configure Specific Directories Using Location Settings
    http://msdn2.microsoft.com/en-us/library/ms178692.aspx

    Also, for windows or SQL authentication, we would have to configure
    different authorization settings for them. For custom sqlmembership Role or
    windows AD user groups.

    As for SqlMembershipUser or Windows AD users, they'll have different
    roles(AD groups), you'll need to configure the correct roles in the
    <authorization> rules according to which Memership/Role service you're
    using.


    In addition, as for the
    ===============
    and the admin menu tab
    does not show.
    ==================

    I remember that the default XMLSiteMapProvider support configuring
    sitemapNode to set protection on roles(this setting need to be identical to
    the authorization rules set in the <authorization> section.

    #Securing ASP.NET Site Navigation
    http://msdn2.microsoft.com/en-us/library/ms227425.aspx

    Hope this helps.

    Regards,

    Steven Cheng
    Microsoft Online Community Support


    ==================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    ==================================================


    This posting is provided "AS IS" with no warranties, and confers no rights.



    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Steven Cheng[MSFT], Jun 2, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Prasad
    Replies:
    1
    Views:
    614
    Kelly Leahy
    Jan 16, 2004
  2. Paras Wadehra
    Replies:
    1
    Views:
    1,766
    =?Utf-8?B?U2F1cmFiaCBOYW5kdQ==?=
    Aug 15, 2004
  3. Jensen bredal

    Try to restrict acces to all my pages.

    Jensen bredal, Mar 9, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    327
    =?Utf-8?B?UyBoIGEgdSBu?=
    Mar 9, 2005
  4. Christiano
    Replies:
    2
    Views:
    1,161
    Christiano
    Jul 18, 2008
  5. chris
    Replies:
    2
    Views:
    126
    kaeli
    Nov 10, 2003
Loading...

Share This Page