Authorization with config

Tzumer Edo

I need a simple example of a general manager that can access all pages and a division manager allowed to access only his division's oriented page Tzumer

ednrgc

Is this homework?

Tzumer Edo

I need this for a site i m to upgrade, there is the admin folder and an 'admin' user, now i need hierarchy for the admin so i need to limit/allow access to pages by the user the has logged in

ednrgc

Check out MSDN for IsInRole: Something like this: modifiy the web.config as: And the Page_Load Code is: protected void Page_Load(object sender, EventArgs e) { if (Context.User.IsInRole("MyDomain\\WMS_ADMINISTRATORS")) { Label1.Text = Context.User.Identity.Name + " is part of ROLE"; } else { Label1.Text = Context.User.Identity.Name + " is NOT part of ROLE"; } }

Tzumer Edo

Tnx, but what i meant was doing it without any code in the page, if i use code i can use the session and simply check it on each page, I have a login page that verifies credentials against the web.config I was wondering weather i can define, in the web.config, access to several pages to specific users or roles while different pages allow other users/roles access. Thus using only the web.config for that.

ednrgc

You have 2 options: 1) create a separate Web.config file in the directory to be secure. 2) add some more elements to the Web.config example:

Tzumer Edo

But can i have different access to two pages in the same directory?

ednrgc

Have you tried changing the location?