Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

UrlAuthorizationModule.CheckUrlAccessForPrincipal Method

Determines whether the user has access to the requested file.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

[SecurityPermissionAttribute(SecurityAction.Demand, Unrestricted = true)]
public static bool CheckUrlAccessForPrincipal(
	string virtualPath,
	IPrincipal user,
	string verb


Type: System.String

The virtual path to the file.

Type: System.Security.Principal.IPrincipal

An IPrincipal object representing the current user.

Type: System.String

The HTTP verb used to make the request.

Return Value

Type: System.Boolean
true if the current user can access the file; otherwise, false.


virtualPath is null.

- or -

user is null.

- or -

verb is null.


virtualPath is outside of the application root path.

The CheckUrlAccessForPrincipal method checks to see whether the current user is granted access to the requested file in the Web.config file for the application.

If the HTTP verb used to make the request is GET, POST, or HEAD, the CheckUrlAccessForPrincipal method checks for read access to the file. If any other verb is used, the CheckUrlAccessForPrincipal checks for read/write access to the file.

For more information and an example Web.config file, see the UrlAuthorizationModule class documentation.

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0
© 2015 Microsoft