protected virtual bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } if (!Page_Context.Current.Initialized) { throw new InvalidOperationException(); } var permission = Page_Context.Current.PageRequestContext.Page.Permission; if (permission.RequireMember) { IPrincipal member = httpContext.MemberAuthentication().GetMember(); if (!member.Identity.IsAuthenticated) { return false; } var groups = permission.AllowGroups; if (groups != null && groups.Length > 0 && !groups.Any<string>(new Func<string, bool>(member.IsInRole))) { return false; } } return true; }