Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

UrlAuthorizationModule.CheckUrlAccessForPrincipal Method

Determines whether the user has access to the requested file.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
[SecurityPermissionAttribute(SecurityAction.Demand, Unrestricted = true)]
public static bool CheckUrlAccessForPrincipal(
	string virtualPath,
	IPrincipal user,
	string verb


Type: System.String
The virtual path to the file.
Type: System.Security.Principal.IPrincipal
An IPrincipal object representing the current user.
Type: System.String
The HTTP verb used to make the request.

Return Value

Type: System.Boolean
true if the current user can access the file; otherwise, false.

virtualPath is null.

- or -

user is null.

- or -

verb is null.


virtualPath is outside of the application root path.

The CheckUrlAccessForPrincipal method checks to see whether the current user is granted access to the requested file in the Web.config file for the application.

If the HTTP verb used to make the request is GET, POST, or HEAD, the CheckUrlAccessForPrincipal method checks for read access to the file. If any other verb is used, the CheckUrlAccessForPrincipal checks for read/write access to the file.

For more information and an example Web.config file, see the UrlAuthorizationModule class documentation.

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2014 Microsoft. All rights reserved.