public void OnAuthorizeRequest(object source, EventArgs eventArgs)
{
HttpApplication app = (HttpApplication)source;
string page = app.Request.Path;
page = page.Substring(page.LastIndexOf('/') + 1);
if (!_authorizer.IsAllowed(app.Context.User.Identity, page))
{
app.Response.StatusCode = 401;
app.Response.StatusDescription = "Access Denied";
app.Response.Write("You are not authorized to view this page");
app.CompleteRequest();
}
}
