principalpermission

I've been using PrincipalPermission for a while in wcf services. [PrincipalPermission(SecurityAction.Demand, Role = SecurityRoles.CanManageUsers)] Our roles are prefixed with: Can* and is how we achieve fine grained actions control with the built in asp.net membership system. This makes it hard to know as a business unit what fine grained roles we can give to a user. Here is my new approach and wanted to see if anyone can provide feedback, code review before i implement my suggestion. 1) aspnet_roles - business unit role 2) Extend the asp.net membership system by creating a permission table

I have one method of a class (DPCal_EventMove) that I want to limit access to using Roles. I have both a Global.asax.cs error handler and a custom IHttpModule error handler intended to catch unhandled exceptions and Server.Transfer them to GlobalExceptionHandler.aspx, which checks to see if the errors are SecurityExceptions that originated from failed PrincipalPermission checks. For some reason, the unhandled exception caused by the PricipalPermission-decorated method is not routed through either of my error handlers. My question is: Where is this exception being routed to and how do I catch

My Silverlight/WCF application uses PrincipalPermission in each service method to ensure the user is Authenticated. This works just fine when I have everything configured to HTTP, but once I configured my service endpoints/bindings to support HTTPS (SSL), I get an exception thrown when I call the Demand() method of my PrincipalPermission object. EDIT: I should mention I am using IIS 7.5 Express to host and debug this project. Here is the method that checks to make sure the user is authendicated. It's called from each of my service methods: protected void SecurityCheck(string roleName, bool