.NET Framework Class Library
UrlAuthorizationModule..::.CheckUrlAccessForPrincipal Method

Determines whether the user has access to the requested file.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
Syntax
Visual Basic (Declaration) 
<SecurityPermissionAttribute(SecurityAction.Demand, Unrestricted := True)> _
Public Shared Function CheckUrlAccessForPrincipal ( _
    virtualPath As String, _
    user As IPrincipal, _
    verb As String _
) As Boolean
Visual Basic (Usage) 
Dim virtualPath As String
Dim user As IPrincipal
Dim verb As String
Dim returnValue As Boolean

returnValue = UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, _
    user, verb)
C# 
[SecurityPermissionAttribute(SecurityAction.Demand, Unrestricted = true)]
public static bool CheckUrlAccessForPrincipal(
    string virtualPath,
    IPrincipal user,
    string verb
)
Visual C++ 
[SecurityPermissionAttribute(SecurityAction::Demand, Unrestricted = true)]
public:
static bool CheckUrlAccessForPrincipal(
    String^ virtualPath, 
    IPrincipal^ user, 
    String^ verb
)
JScript 
public static function CheckUrlAccessForPrincipal(
    virtualPath : String, 
    user : IPrincipal, 
    verb : String
) : boolean

Parameters

virtualPath
Type: System..::.String
The virtual path to the file.
user
Type: System.Security.Principal..::.IPrincipal
An IPrincipal object representing the current user.
verb
Type: System..::.String
The HTTP verb used to make the request.

Return Value

Type: System..::.Boolean
true if the current user can access the file; otherwise, false.
Exceptions
ExceptionCondition
ArgumentNullException

virtualPath is nullNothingnullptra null reference (Nothing in Visual Basic).

- or -

user is nullNothingnullptra null reference (Nothing in Visual Basic).

- or -

verb is nullNothingnullptra null reference (Nothing in Visual Basic).

ArgumentException

virtualPath is outside of the application root path.
Remarks

The CheckUrlAccessForPrincipal method checks to see whether the current user is granted access to the requested file in the Web.config file for the application.

If the HTTP verb used to make the request is GET, POST, or HEAD, the CheckUrlAccessForPrincipal method checks for read access to the file. If any other verb is used, the CheckUrlAccessForPrincipal checks for read/write access to the file.

For more information and an example Web.config file, see the UrlAuthorizationModule class documentation.
.NET Framework Security
Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0
See Also

Reference

UrlAuthorizationModule Class
UrlAuthorizationModule Members
System.Web.Security Namespace
Tags :


Community Content

themattconnolly
Example Code fo use with IIS7 Url Rewrite Module

Here is some example code to check the value for the current user and redirect to the appropriate URL, which is very necessary when using the IIS7 Url Rewrite Module.

string virtualDirectory = VirtualPathUtility.GetDirectory(originalPath);
string fileName = VirtualPathUtility.GetFileName(originalPath);
string virtualPath = virtualDirectory + fileName;
if (UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, HttpContext.Current.User, Request.ServerVariables["REQUEST_METHOD"]) == false)
{
    Configuration webConfig = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~/");
    AuthenticationSection authSection = (AuthenticationSection)webConfig.GetSection("system.web/authentication");
    string loginUrl = authSection.Forms.LoginUrl;
    Response.Redirect(loginUrl + "?ReturnUrl=" + virtualPath);
}
Tags : url rewrite iis7

Page view tracker