asp.net 2.0

How to use the PrincipalPermission Class to check authorization in ASP.NET in C#

.NET provides alternative way to enforce role and user rules. Instead of approach described in the article How to use IsInRole method to check authorization in ASP.NET in C#, you can use the PrincipalPermission class from the System.Security.Permissions namespace. You should follow the next steps:

1. Create a PrincipalPermission object that represents the …

Learn more

How does File Authorization work in ASP.NET

ASP.NET uses type of authorization which is file-based authorization, and it’s implemented by the FileAuthorizationModule. This authorization takes effect only if you’re using Windows authentication.   If you’re using custom authentication or forms authentication, it’s not used.

You can understand file authorization if you know how he Windows operating system enforces file system security. When your …

Learn more

How to control access for specific roles in ASP.NET

If you need to manage an enterprise application that supports thousands of users and you need to define permissions for each individual user, it would be exhausting, difficult to change, and nearly impossible to complete without error. The easiest way to maintain the users is to group them into categories called roles.

In Windows authentication …

Learn more

How to control access to specific files in ASP.NET

You can use approach described in the article How to control access to specific directories in ASP.NET to set file access permissions by directory. You also have the option of restricting specific files by adding <location> tags to your web.config file. The <location> tags sit outside the main <system.web> tag and are nested directly in the …

Learn more

How to control access to specific directories in ASP.NET

A usual application design is to place files that require authentication into a separate folder.  You can follow this approach in ASP.NET by leaving the <authorization> element in the normal parent directory empty and adding a web.config file that specifies stricter settings in the secured directory.

When you add the web.config file in the subdirectory …

Learn more