protected override bool AuthorizeCore(HttpContextBase httpContext) { var role = (string)HttpContext.Current.Session["loggedUserRole"]; return (!String.IsNullOrEmpty(role) && (role.Equals("Maestro") || role.Equals("Director"))); }