Security for an entire module

Topics: Web Client Software Factory, User Forum
Sep 27, 2007 at 3:48 PM
I have an application that contains an admin module. I want to have security around the entire module without having to handle it for every page. I register the module into the site map and specify my role in the module initializer class. That prevents the user from seeing the links to the admin section. However, the user can still get to the admin pages if they know the url. In order to prevent this, I add the individual page rules in the modules web.config for each page <rule Url="~/Admin/Default.aspx" Rule="AdminModuleAccess" />, etc. I'd like to just set one rule that covers all the pages in the module. Is there a way to do this? I tried ~/Admin/ and ~/Admin/*, but neither seemed to work.

Thanks,
-Howard
Developer
Oct 5, 2007 at 8:42 PM
Hi

Web Client Software Factory doesn't support setting a Rule for all pages of a module in a single line. You will need to set the Rule for each page in the module one by one.

However, you might want to try creating a custom IAuthorizationRulesService service and provide that functionality. Feel free to add an item to the issue tracker if you think that this feature should be part of the Web Client Factory.

Please let me know if this helps.

Mariano Converti
http://staff.southworks.net/blogs/mconverti/