Securing CMS pages


I tried to secure a cms page like this:
<location path="content/2008.aspx">
    <allow roles="Administrators"/>
    <deny users="*"/>
But it does not work ...
My thought is that the problem results from url rewriting (internal page is /Contentpages/page.aspx?page=2008.aspx)
Any idea to solve this?


z2bass wrote Aug 21, 2007 at 7:07 PM

Roles could be integrated into the CMS page. It would do a check to see if the requirements are met (Admin, Editor, ETC) and then redirect if they don't check out.

thoze wrote Aug 22, 2007 at 9:13 PM

Ok, I`m going to add this feature. But I need some time to take a look on subsonic and its wrapers, to save the selected roles.Perhaps I can publish it on friday. Lets see :)

z2bass wrote Aug 24, 2007 at 9:18 PM

I have an idea of how to do this... with very minimum coding. Do you want me to take care of this?

wrote Oct 31, 2007 at 1:04 AM

thoze wrote Nov 11, 2007 at 2:38 PM

Yes, you can take care of this! :)

wrote Mar 19, 2008 at 12:46 AM

wrote Jul 1, 2008 at 12:31 PM

z2bass wrote Dec 9, 2009 at 5:17 AM

This will be in the v3 Preview 2

wrote Dec 9, 2009 at 5:18 AM

wrote Jan 6, 2010 at 1:03 AM

wrote Feb 14, 2013 at 2:37 AM