1) write your Ajax.NET method like everytime:
[AjaxPro.AjaxMethod]
public static string SayHello()
{
return "Hello World!";
}
2) add the principal permission attribute to specify which role you
want to allow:
[AjaxPro.AjaxMethod]
[PrincipalPermission(SecurityAction.Demand, Role = "AjaxRole")]
public static string SayHello()
{
return "Hello World! You are in role AjaxRole!";
}
3) on the client-side JavaScript code you can now call the method, if
you are not in AjaxRole you will get a
System.Security.SecurityException:
<script type="text/javascript">
function callback(res) {
if(res.error != null && res.error.Type ==
"System.Security.SecurityException") {
alert("You are not able to call this method!");
}
}
</script>
See a working demo at
http://munich.schwarz-interactive.de/security.aspx. There you can use
the username "admin" or "editor" (both have the password "ajax"), but
only "admin" cann call the AdminMethod.
--
Best regards | Schöne Grüße
Michael
Microsoft MVP - Most Valuable Professional
Microsoft MCAD - Certified Application Developer
http://weblogs.asp.net/mschwarz/
http://www.schwarz-interactive.de/
mailto:[EMAIL PROTECTED]
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ajax.NET Professional" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/ajaxpro
The latest downloads of Ajax.NET Professional can be found at
http://www.ajaxpro.info
-~----------~----~----~----~------~----~------~--~---
