Hello, I am wanting to know more about securing certain directories by role. In normal ASP.NET, I would do this by dropping a web.config in that directory and using <deny users="*"/> <allow roles="SecureUserRole, AdminRole"/>. However, in Sitefinity this seem possible since pages and directories are dynamically generated.
I did read the page at http://www.sitefinity.com/help/developer-manual/security-page-permissions.html
that says to set the "Anonymous Access" property on a page/directory and it will be inherited by sub-pages and sub-directories. That is wonderful. However, I'm looking for a way to allow/deny SPECIFIC ROLES, not just allow any authenticated user. How would this be done?
Also, my membership currently lies in the aspnet_membership tables for site users. Is there anything different with Sitefinity that I should keep in mind when dealing with the aspnet_membersip users and roles? Any gotchas or anything?
Thanks as always for your help!