4

Is there any way of doing something like this?

<location path="/(view|edit)post.aspx\?id=[7-9][0-9]+">
    <system.web>
      <authorization>
        <allow roles="AdminPublishers"/>
        <deny users="*"/>
      </authorization>
    </system.web>
</location>

Authorization is just an example. I would like to be able to do other things with those locations.

Eduardo
  • 5,645
  • 4
  • 49
  • 57
  • What are you actually trying to do? – Adrian K Jul 02 '10 at 04:16
  • Initially I just wanted authorization but it would be very useful to apply custom errors, globalization, etc to a group of locations. Authorization-only could be solved by a custom HttpModule but Microsoft has already developed an authorization module based on location. Changing location path behavior would be great. – Eduardo Jul 03 '10 at 04:38

1 Answers1

0

You could use an HttpModule and attach a handler to the AuthenticateRequest event. Inside your handler, use your Regex to match against the incoming Request Url, and if it matches, check the roles of the user who is currently logged in. You could also set it up to read configuration from the Web.config, if that's what you're after.

Dave Thieben
  • 5,388
  • 2
  • 28
  • 38
  • Hi. That would be fine if I just needed to authorize users but I want change other system.web settings for location that matches. – Eduardo Jun 30 '10 at 02:07
  • ah, I see. Have you tried putting a web.config in the location, with the overriding settings? http://msdn.microsoft.com/en-us/library/ms178685.aspx – Dave Thieben Jun 30 '10 at 02:20
  • I'm not 100% clear on what you're trying to do. Are you trying to apply security to an HttpHandler(s) or just get some up and running? – Adrian K Jun 30 '10 at 21:17
  • Not only security but other settings available under system.web tag. – Eduardo Jul 01 '10 at 16:07