[eluser]Michael Wales[/eluser]
I would call a private function from my constructor (or a library, if you plan to implement this across multiple controllers) that will verify whether the user has the rights to access a particular URI.
Essentially, you are looking to build an ACL.