You can handle that crosscutting concern in ASP.NET by putting an Authorize attribute on those methods that you want to lock unauthorized users out of. Most attributes address issues important to ...