Checking if a user has access to a URL in ASP.NET

News

My Stats

Posts - 20
Comments - 24
Trackbacks - 0

Twitter

DFieldhouse #ELMAH: Fantastic tool but you should never show the world your error messages. http://t.co/KX9V1kuE about 28 days ago

DFieldhouse Which technology belief system do you subscribe to: http://t.co/XGOhYYSy? about 31 days ago

Blogs

My Company's Sites

<< A new interface for mobile phones | Home | Microsoft hasn’t set CustomErrors to RemoteOnly >>

Checking if a user has access to a URL in ASP.NET

I spent ages this morning trying to find a way to determine if a user has permission to access a page before navigating to it. I knew it was possible, the SiteMapProvider has a property called “SecurityTrimmingEnabled” that hides pages that the user cannot access.

In the end I found a really useful object called UrlAuthorizationModule in the System.Web.Security namespace that has a method called CheckUrlAccessForPrincipal(). Pass in the url and get a Boolean return value indicating whether the resource is accessible. Easy when you know how!