I have a web application which uses forms authentication. We have setup our own role based security around it .
The role security is quite simple we have 3 tables: one which stores the user details, one which stores the different roles we have and one which matches the roles to the the user.
What I am trying to do is stop certain users from accessing everything accept a directory I specify but allow all other users access to everything.
E.G. Say We have 5 directories, Folder_1 - Folder 5
User_1 will have access to Folders_1 - Folder_5 (as in all of them)
User_2 will have acess to only Folder_1 and nothing else.
Any ideas on how to do this