I'm writing a custom role provider and I need programmatic access the authorization information stored in the web.config. Certain section of the site are only accessible by certain roles. I would like to find out which roles can access a page and/or which page a certain role can access.
I can't seem to figure this one out.
You can access any information stored such as ConnectionStrings,AppSettings and other defined values in web.config by WebConfigurationManager class in System.Web.Security namespace.
Let's say you have defined and authorization section as:
<system.web>
<authorization>
<allow roles="admin,moderator" />
<deny users="?" />
</authorization></system.web>
The section you just created means users who has admin and/or moderator roles can access pages within and deny everyone (anonymous) who attempts to access without login information.
In order to that just call out WebConfigurationManager's GetSection method as
AuthorizationSection auth = WebConfigurationManager.GetSection("system.web/authorization") as AuthorizationSection;
AuthorizationSection class will give you
Rules
collection which is precisely what you're looking for.
来源:https://stackoverflow.com/questions/1240552/accessing-authorization-information-in-web-config