0

im using asp.net with c#,

I want to check whether a user is on certain active directory group.

Im doing this check:

   if (HttpContext.Current.User.IsInRole(ConfigurationSettings.AppSettings["Group"]))
        {

        }

The thing is: where do I place this code? The site has several pages and I want the validation to be on all pages.

Do I put this on the master page?

Thanks.

pyram
  • 925
  • 9
  • 24
  • 43
  • 1
    Here is one of my answers that will help you with this: http://stackoverflow.com/questions/12550768/how-to-restrict-unlogged-unauthorized-users-from-viewing-web-pages-in-asp-net/12551115#12551115 – Gregor Primar Oct 11 '12 at 17:04

1 Answers1

3

What do you want to do if the user is not in the required role? Depending on the answer to that question, you could:

  • check it in the Master page

  • check it in a base Page from which your Page code-behind classes derive

  • check it in global.asax, for example in the Application_AuthorizeRequest event handler

... etc ...

Joe
  • 122,218
  • 32
  • 205
  • 338