erickwidya
Aug 9th, 2011, 01:10 AM
Hi All,
let say i have this Page and Role required to access it
Home: PublicRole
About: PublicRole
Invoice: PurchasingRole
i have navigation menu that populate based on user's Role that logon but it doesn't prevent if user type the URL manually..user still can access that Page eventhough user don't have permission to access it
using AuthorizationAttribute is something that i want to prevent because Admin have the ability to set the Menu based on Role
authorization article that i found is required user to Logon first before attempt to access the Page, it already done in my scenario
any insight?
thx,
erick
let say i have this Page and Role required to access it
Home: PublicRole
About: PublicRole
Invoice: PurchasingRole
i have navigation menu that populate based on user's Role that logon but it doesn't prevent if user type the URL manually..user still can access that Page eventhough user don't have permission to access it
using AuthorizationAttribute is something that i want to prevent because Admin have the ability to set the Menu based on Role
authorization article that i found is required user to Logon first before attempt to access the Page, it already done in my scenario
any insight?
thx,
erick