I have reported Bug #579837 in Mono's ASP.NET implementation more than a year
ago. The basic problem is, that it is currently impossible to correctly set/
write authorization rules programmatically. The bug has been fixed partly a few
month ago.
I have reported Bug #658184 at 2010-12-08. All rules that are added to an
application's web.config are converted to allow rules. It is impossible to add
a deny rule.
Both bug reports are containing sample ASP.NET projects which demonstrate the
problem.
In the meantime I have started to debug the Mono class library and found a
simple solution. The problem is, that the current implementation simply ignores
the Action attribute and leaves it at it's default value of Allow. The problem
can be fixed by adding a single line of code.
I hope that somebody of the core developers will have a look into the issue and
fix the problem in github.
_______________________________________________
Mono-aspnet-list mailing list
Mono-aspnet-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-aspnet-list
