Thank you. I will work on your example and get back to you.

Neil

>Hi Neil,
>
>I too needed to have a role based form security model and basically wrote a sproc to determine if the logged in user was in fact assigned to an "admin" role. If yes, proceed to the requested page. If not, alert and return to the login page. I executed this sproc from a business class that gets called in the overridden on_load event of the page. I didn't find any other built in framework support to accomplish this type of form based role security, so I hope this helps! If anyone has a better mousetrap I'd like to know about it too!
>
>
>

protected override void OnLoad(EventArgs e)
>		{
>			// *** Check to see if we're logged in - if not ask for login page
>			if (this.RequiresSecurity && this.SecurityUserPk == null)
>			{
>				this.RedirectToLogin();
>				return;
>			}
>
>			if (this.RequiresSecurity)
>			{
>				// Overriding the OnLoad method specifically here to implement Role Based Security
>				// on the logged in user for this Admin form, must be in the Admin role to access the page.
>
>				// Register the BO
>				this.oUtility = (Utility)this.RegisterBizObj(new Utility());
>
>				if (oUtility.CheckAdminUser((int)this.SecurityUserPk))
>				{
>					// call the parent functionality
>					base.OnLoad (e);
>					
>					// continue
>					return;
>				
>				}
>				else
>				{
>					// back to the login after alerting the user
>					mmMessageDisplay.DisplayMessage(Context,"Administration Access Denied","Your Login credentials do not allow Admin Access.;
>  See the System Administrator for Admin Access.","UserLogin.aspx?Url=/SS/MMSS/StandardsStudio/admin.aspx",4 );
>					return;
>				}
>			}
>
>			this.BindData();
>
>			
>		}

>
>
>> And.... I need the ability to secure a web page not just it's controls. RequiresSecurity=true; in OnInit works great but I want the page to be selective to the user's access. IE: I only want Admins to have access to a certain web page.
>>
>>Thanx,
>>Neil