ASP.NET in a Nutshell

Name

UrlAuthorizationModule

Synopsis

ASP.NET uses this class automatically to determine whether access to a specified resource (a URL requested by the client) should be allowed or denied, based on the identity of the currently authenticated user. This class is used as needed, but is not directly referenced in the web.config file. You can configure URL authorization by adding a list of users or roles in the <allow> or <deny> elements of the <authorization> section of a configuration file.

Both the FormsAuthenticationModule and PassportAuthenticationModule set the System.Web.HttpContext.SkipAuthorization property to True when redirecting the client to a login page so they can bypass the UrlAuthorizationModule checks.

Public NotInheritable Class UrlAuthorizationModule : Implements System.Web.IHttpModule
' Public Constructors
   Public Sub New() 
' Public Instance Methods
   Public Sub Dispose() Implements IHttpModule.Dispose 
   Public Sub Init(
        ByVal app As System.Web.HttpApplication) Implements IHttpModule.Init 
End Class

Get ASP.NET in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET in a Nutshell by

Name

Synopsis

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly