Export (0) Print
Expand All

UrlAuthorizationModule.CheckUrlAccessForPrincipal Method

Determines whether the user has access to the requested file.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

[SecurityPermissionAttribute(SecurityAction.Demand, Unrestricted = true)]
public static bool CheckUrlAccessForPrincipal(
	string virtualPath,
	IPrincipal user,
	string verb


Type: System.String

The virtual path to the file.

Type: System.Security.Principal.IPrincipal

An IPrincipal object representing the current user.

Type: System.String

The HTTP verb used to make the request.

Return Value

Type: System.Boolean
true if the current user can access the file; otherwise, false.


virtualPath is null.

- or -

user is null.

- or -

verb is null.


virtualPath is outside of the application root path.

The CheckUrlAccessForPrincipal method checks to see whether the current user is granted access to the requested file in the Web.config file for the application.

If the HTTP verb used to make the request is GET, POST, or HEAD, the CheckUrlAccessForPrincipal method checks for read access to the file. If any other verb is used, the CheckUrlAccessForPrincipal checks for read/write access to the file.

For more information and an example Web.config file, see the UrlAuthorizationModule class documentation.

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

© 2014 Microsoft