Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

AuthorizationRule Class

The AuthorizationRule class allows you to programmatically access and modify the authorization section of a configuration file. This class cannot be inherited.

Namespace: System.Web.Configuration
Assembly: System.Web (in system.web.dll)
public sealed class AuthorizationRule : ConfigurationElement
public final class AuthorizationRule extends ConfigurationElement
public final class AuthorizationRule extends ConfigurationElement
Not applicable.

The AuthorizationRule class provides a way to programmatically access and modify the authorization section of a configuration file.

This type is part of a group that includes the AuthorizationSection, the AuthorizationRuleCollection, and the AuthorizationRuleAction types.

NoteNote:

The AuthorizationSection can update the configuration information at any level in the configuration hierarchy.

The following code example demonstrates how to use the AuthorizationRule.

NoteNote:

If you use the credentials section, be sure to follow the guidelines explained at ASP.NET Authentication. For scalability and better security capability, it is recommended that you use an external database to store users' credentials. For more information about building secure ASP.NET applications, search the Microsoft MSDN Web site (msdn.microsoft.com) for "Securing Your ASP.NET Application" and "Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication."

// Create an authorization rule object.
AuthorizationRuleAction action =
    AuthorizationRuleAction.Deny;
AuthorizationRule authorizationRule = 
    new System.Web.Configuration.AuthorizationRule(action);

// Using the AuthorizationRuleCollection Add method.
           
// Set the action property.
authorizationRule.Action = 
   AuthorizationRuleAction.Allow;
// Define the new rule to add to the collection.
authorizationRule.Users.Add("userName");
authorizationRule.Roles.Add("admin");
authorizationRule.Verbs.Add("POST");

// Add the new rule to the collection.
authorizationSection.Rules.Add(authorizationRule);

System.Object
   System.Configuration.ConfigurationElement
    System.Web.Configuration.AuthorizationRule
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.