Skip to Content
Beginning ASP.NET 3.5: In C# and VB
book

Beginning ASP.NET 3.5: In C# and VB

by Imar Spaanjaars
March 2008
Intermediate to advanced content levelIntermediate to advanced
766 pages
21h 15m
English
Wrox
Content preview from Beginning ASP.NET 3.5: In C# and VB

A.15. Chapter 15

A.15.1.

A.15.1.1.
A.15.1.1.1. Exercise 1 solution

Authentication is all about proving your identity to a system like a web site. After you have been authenticated, the authorizations you have then determine what it is you can and cannot do in the system.

A.15.1.1.2. Exercise 2 solution

To expand the access to the Management folder for John and all users in the Editors role, you need to expand the current roles attribute to include Editors, and add an additional allow element with its users attribute set to John:

<system.web>
  <authorization>
    <allow roles="Managers, Editors"/>
    <allow users="John"/>
    <deny users="*"/>
  </authorization>
</system.web>

The roles attribute allows you to specify multiple roles separated by a comma. In order to grant the John account you need to add an additional allow element and then fill in John's name in the users attribute.

From a maintainability perspective, it would be a lot better to add John to the Managers or Editors role if possible. However, you may end up giving John more rights than you want (he could then access anything that a Manager or an Editor could access). Generally, it's best to manage users through roles as much as possible, but it's good to know that you can grant individual accounts the necessary rights as well (or explicitly take those rights away using a deny element).

A.15.1.1.3. Exercise 3 solution

If you want to redirect all users to the same page, all you need to set is the DestinationPageUrl:

<asp:Login ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Beginning ASP.NET 4: in C# and VB

Beginning ASP.NET 4: in C# and VB

Imar Spaanjaars
Professional ASP.NET 3.5 SP1 Edition: In C# and VB

Professional ASP.NET 3.5 SP1 Edition: In C# and VB

Bill Evjen, Scott Hanselman, Devin Rader

Publisher Resources

ISBN: 9780470187593Purchase book