>How do you block the users from getting to the admin page?
>
Right now I just limit access to the link to the pages. I had seen something in the help file that said I should secure the folder where the admin pages are, but I hadn't gone into that yet.
>I have been adding a bit field to the user table called IsAdmin and setting with a checkbox on the admin page. Then besides the RequiresSecurity = true in the OnInit I add this at the top of the page load event.
>
>
>protected void Page_Load(object sender, EventArgs e)
>{
> bool allowAccess = false;
> object UserPk = Session["mmUserSecurity_UserPk"];
> if (UserPk != null)
> {
> DataSet dsUser = mmAppBase.SecurityMgr.oUser.GetUserByPK(UserPk);
> if ((bool)dsUser.Tables[0].Rows[0]["IsSecurityAdmin"])
> allowAccess = true;
> }
> if (!allowAccess)
> Response.Redirect("~/Default.aspx");
>
>.. Other stuff
>}
>
>Tim
Thanks for that.