I have reported Bug #579837 in Mono's ASP.NET implementation more than a year ago. The basic problem is, that it is currently impossible to correctly set/ write authorization rules programmatically. The bug has been fixed partly a few month ago.
I have reported Bug #658184 at 2010-12-08. All rules that are added to an application's web.config are converted to allow rules. It is impossible to add a deny rule. Both bug reports are containing sample ASP.NET projects which demonstrate the problem. In the meantime I have started to debug the Mono class library and found a simple solution. The problem is, that the current implementation simply ignores the Action attribute and leaves it at it's default value of Allow. The problem can be fixed by adding a single line of code. I hope that somebody of the core developers will have a look into the issue and fix the problem in github.
_______________________________________________ Mono-aspnet-list mailing list Mono-aspnet-list@lists.ximian.com http://lists.ximian.com/mailman/listinfo/mono-aspnet-list