Restrict access to ELMAH using custom RoleProvider

Question

in my mvc-project i have set up ELMAH for the exception-handling. ELMAH comes with a frontend which can be accessed by "/elmah.axd".

In the web.config this is configured like this:

<location path="elmah.axd">  
        <system.web>
            <httpHandlers>
                <add verb="POST,GET,HEAD" 
                     path="elmah.axd" 
                     type="Elmah.ErrorLogPageFactory, Elmah" />
            </httpHandlers>

            <authorization>
              <allow roles="ADMIN" /> <!-- instead i want to use 'permission' from my custom RoleProvider -->
              <deny users="*"/> 
            </authorization>
        </system.web>
        <system.webServer>
            <handlers>
                <add name="ELMAH" 
                     verb="POST,GET,HEAD"
                     path="elmah.axd" 
                     type="Elmah.ErrorLogPageFactory, Elmah"
                     preCondition="integratedMode" />
            </handlers>
        </system.webServer>
    </location>  

If i would use the standard RoleProvider i would use the authorization as specified in the example above. But as i have a custom RoleProvider i can't / dont know how to do this. For my Views i have implemented a custom Authentication-Attribute which is very similar to the [Authorize] Attribute (but takes Permissions instead...). Now i want to specify the accessibility for "elmah.axd" (which is no physical file) using my custom RoleProvider.

Does anyone have a clue how i could archieve my goal?

Answer 1

here seems to be a viable approach...