asp.net How do I reference authorized users hard coded in web.config in my code


I am building a website on an intranet and one of the directories can only be accessed by hard coded authorized users. They are defined in web.config. It looks similar to this.

<location path="admin"> <system.web> <authorization> <allow users="user1"/> <allow users="user2"/> <allow users="user3"/> <allow users="user4"/> <deny users="*"/> </authorization> </system.web> </location>

What I want then is to create a link to this directory which only appears to those users... At the moment, to build the link I'm rechecking there windows usernames and hard coding them in again like this...

<% if (HttpContext.Current.User.Identity.Name == "user1" || HttpContext.Current.User.Identity.Name == "user2" || HttpContext.Current.User.Identity.Name == "user3" || HttpContext.Current.User.Identity.Name == "user4") { Response.Write("<a href='admin/Default.aspx'>Admin Site</a>"); } %>

But what I want to do is reference my list from the webiconfig file and say something like

if (HttpContext.Current.User.Identity.Name == // a user from the web.config list

Is this possible and if so can you help me... Thanks


You can get the authorization rules from web.config like this:

AuthorizationSection configSection = (AuthorizationSection)ConfigurationManager.GetSection("system.web/authorization"); var users = new List<string>(); var rules = configSection.Rules; foreach (AuthorizationRule rule in rules) { if (rule.Action == AuthorizationRuleAction.Allow) { foreach (string user in rule.Users) { if (!users.Contains(user)) users.Add(user); } } }

But you must also pay atention to the precedence of the rules.


  • Linq query to compare 2 List for distinct matches
  • How to Merge two lists
  • Skipping a multidimensional Array in a foreach loop PHP
  • postgres aggregate join matches to an array field
  • ASp.Net MVC routing
  • PHP: setting session variables through variable variables
  • GQL query help - How can I write a query with where clause in GQL ? I am using google appengine data
  • How can I increment one line at a time from a text file and sed the output to another file?
  • Take column of string data in pandas dataframe and split into separate columns
  • c# merge objects
  • secure iPhone to server communication so that only my app can post data?
  • Finding mutual friend sql
  • dilemma on the use of inheritance in EF code-first
  • Ways to remember and reuse previous query result in Neo4j
  • Define the file path from the file name in R
  • Restric user access to table using Sql Server 2008
  • How could this be done with multi-threading?
  • Query a table in different ways or orderings in Cassandra
  • Can I change font size based on the number of letters? [duplicate]
  • How to limit the access to a Controller or a folder in MVC?
  • MonoTouch Dialog. Buttons with the Elements API
  • Socket io in node app on google app engine
  • PHP in userdir not working
  • Uber API - requests endpoint cannot read read json
  • CakePHP ACL tutorial initDB function warnings
  • Webgrid not refreshing after delete MVC
  • Jquery UI tool tip close icon
  • How to recover from a Spring Social ExpiredAuthorizationException
  • Timeout for blocking function call, i.e., how to stop waiting for user input after X seconds?
  • Traverse Array and Display in markup
  • Comma separated Values
  • Windows forms listbox.selecteditem displaying “System.Data.DataRowView” instead of actual value
  • Revoking OAuth Access Token Results in 404 Not Found
  • Proper folder structure for lots of source files
  • Error creating VM instance in Google Compute Engine
  • Hits per day in Google Big Query
  • how does django model after text[] in postgresql [duplicate]
  • File not found error Google Drive API
  • How does Linux kernel interrupt the application?
  • Qt: Run a script BEFORE make