protected virtual bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } if (!Page_Context.Current.Initialized) { throw new InvalidOperationException(); } var permission = Page_Context.Current.PageRequestContext.Page.Permission; if (permission != null) { IPrincipal member = httpContext.Membership().GetMember(); return permission.Authorize(member); } return true; }