I have an intranet portal that uses windows authentication and the WindowsTokenRoleProvider for security. I want to implement security on particular web parts so that only members of a Windows domain group can view them. So far this is easy.
Now I want to test this, in our test environment we'd like to use a different group for the authorization. The problem is that the only way I see to set the AuthorizationFilter of the web part is in the server tag and you cannot have code in that server tag that swaps out the production group with the test group by reading it from a config file for example.
I would have thought that the AuthorizationFilter property would be exposed by IWebPart, but unfortunately it doesn't appear to be. I believe I could get the functionality that I am looking for if I inherited directly from WebPart instead of extending UserControl and implementing IWebPart, but then I would lose designer support for the web part by doing this and our web parts benefit greatly from using the designer.
Does anyone know how I can programatically set the AuthorizationFilter on a web part while still having designer support for the web part?