I'm working on a project that will use windows role providers and I want to limit functionality to certain AD groups.
With MVC, I could use an AuthorizeAttribute above my action methods and redirect accordingly. Is there something similar I can do for a standard web forms application (.NET 3.5) that doesn't use MVC?
You can set this up in web.config with the authorization element.
<configuration>
<system.web>
<authorization>
<allow roles="domainname\Managers" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
Basically domain groups are translated into roles when using <authentication mode="Windows" />.
You can read more about it on MSDN