I have written a short example about how to use web forms security with Ajax.NET Professional. The example (C# and VB.NET) is included in the latest version available at http://www.ajaxpro.info/ [1]. Discuss the security.aspx example at Google groups [2]. (Update: there are about 2.500 members reading and writing posts!!!)
See this example:
using System; using System.Data; using System.Configuration; using System.Web; using System.Security.Permissions;
public partial class SecurityCS : System.Web.UI.Page { [AjaxPro.AjaxMethod] [PrincipalPermission(SecurityAction.Demand, Role = "Admin")] public static string AdminMethod() { return "Hello Admin!"; }
protected void Page_Load(object sender, EventArgs e) { // Register Ajax.NET methods from this class AjaxPro.Utility.RegisterTypeForAjax(typeof(AjaxPro.Services.AuthenticationService)); AjaxPro.Utility.RegisterTypeForAjax(typeof(SecurityCS)); }
<font size="2"><font face="Courier New">} </font><br></font> The AuthenticationService lets you sign in and out directly from JavaScript code:
<script type="text/javascript> AjaxPro.Services.Authentication.Login(username, password, callback); </script>
If you then access a AjaxMethod without the needed security rights you will get an SecurityException.