Authorization not working

From: Joe Reazor (joenospam@belgor.com)
Date: 03/12/03


From: "Joe Reazor" <joenospam@belgor.com>
Date: Wed, 12 Mar 2003 14:01:47 -0500


This ASP.net security stuff is driving me nuts. I am following all of the
VERY SIMPLE examples that I can find and they are not working for me. I am
trying to secure something so that all users except a couple are denied.
>From what I could find this should work:

<authorization>

<deny users="*" />

<allow users="joe,jim" />

</authorization>

But no matter what nobody can access the protected pages. Does the order of
the <deny> and <allow> tags matter? What else am I missing? If I deny
anonymous users using <deny users="?"> and allow all users using <allow
users="*"> then it works as I want by not allowing anonymous users and
redirecting to a forms login. But I need to get it to only allow certain
users for some cases. Any help is appreciated.

TIA

==============
Joe Reazor
Gorbel Inc.
email: joereaATgorbelDOTcom



Relevant Pages

  • Re: "Deny" permissions keep getting lost?
    ... Enable auditing on those files, and/or the containing folder, so ... As you state that you placed an explicit deny on each file, ... Security) ... > used as a file server on a small network. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Gpedit.msc
    ... log off and back in with an admin account. ... again access the Security dialog ... of the same GroupPolicy folder and remove the Deny ... > "Ace" wrote in message ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Office 2003 Setup
    ... > Security Properties of Outlook.exe. ... It warned me that it was inheriting permissions from ... In your next post you decided to use the DENY route for individual ...
    (microsoft.public.windowsxp.security_admin)
  • Re: How to get full access to all contents?
    ... Security) ... > How to become sure that there is no Deny for any group. ... The file is EFS ... > "Roger Abell" wrote in message ...
    (microsoft.public.windowsxp.security_admin)
  • Re: restrict read access
    ... Check to see if the objects are inheriting the parent ou's security. ... What ou did you deny? ... >>> account) and stores in an interna database. ... >>> we would like to restrict that to an special OU. ...
    (microsoft.public.win2000.active_directory)