Role authorization in Customer Portal Accelerator

Sep 9, 2010 at 5:26 PM

I am trying to secure a page in the portal so that only authenticated users can view it.  It's not working and I'm wondering if that's because of the content management redirect behavior.  Here is what I added to the web.config.

<location path="PurchaseMembership.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>

Sep 9, 2010 at 9:01 PM

Have you tried prefixing the url with "/Pages/"? Provided of course your custom page is within the Pages folder. I kept my custom pages there, so far it has worked ok.

Sep 9, 2010 at 9:08 PM

Content security is a feature of the commercial version of the portals from Adxstudio, so I haven't tried your specific scenario.  Now that said, the ASP.NET security model should work but you should organize your custom urls in a manner that can be easily secured.  Have you tried to use the custom url in the web.config instead of the physical file name of the aspx page?  ie: /secured/mypage

Shan