Re: Authentication to specific files/pages

From: ET (pleaseaskme_at_test.com)
Date: 02/13/04


Date: Fri, 13 Feb 2004 13:48:51 +1000

Hi David,

Thanks for your prompt reply. Your explanation really helped. I have another
question regarding the allow/deny permissions. Does "deny" always override
"allow"? Also, is there a way to write the code so that only a few users are
allowed to access, and the rest are denied? Because deny always overrides
allow, there doesn't seem to be any point writing the list of allowed users
when "deny everyone/the rest" overrides it. Thanks again!

ET

"David Coe, MCP" <dhc0e@aol.com> wrote in message
news:4C4E84CB-EA8F-4090-847E-DC918B46F2F5@microsoft.com...
> ET -
>
> You have some very valid questions, and I will try to make sense of what
> you are asking.
>
> Yes, you can use the Windows domain accounts instead of a database to
> authenticate your users. You will need to enable IIS for Windows
> authentication, and then in the web.config file, use
>
>   <authentication mode="Windows" />
>
> and
>
>   <authorization>
>     <allow users="*" /> <!-- Allow all users -->
>     <!--
>     <allow users="[comma separated list of users]"
>            roles="[comma separated list of roles]"/>
>     <deny  users="[comma separated list of users]"
>            roles="[comma separated list of roles]"/>
>     -->
>   </authorization>
>
> ... you can either list all of the users you want to allow/deny access to,
> or you can list specific roles that you want to allow access to (i.e.,
> administrator).
>
> You have a few options when it comes to configuring access for each
> directory. You can either put a web.config file in each directory, or in
> your top-level web.config file you can add a <location> element and specify
> the directories that you want to allow/deny access to. For instance:
>
>   <!-- close the system.web element -->
>   </system.web>
>   <location path="folder_or_file_name">
>     <system.web>
>       <authorization>
>         <allow users="*" /> <!-- Allow all users -->
>         <!--
>         <allow users="[comma separated list of users]"
>                roles="[comma separated list of roles]"/>
>         <deny  users="[comma separated list of users]"
>                roles="[comma separated list of roles]"/>
>         -->
>       </authorization>
>     </system.web>
>   </location>
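
[Added example, not part of the original thread and not ASP.NET's own code.] ASP.NET URL authorization walks the <allow>/<deny> rules in the order they are written and stops at the first one that matches, so naming the permitted accounts first and then denying "*" restricts a path to those accounts. The Python below is a simplified model of that evaluation over a constructed <location> block; the account names, the path "reports" and the helper names are assumptions.

```python
import xml.etree.ElementTree as ElementTree

# Constructed sample. CONTOSO\alice, CONTOSO\bob and "reports" are placeholders.
WEB_CONFIG = r"""
<configuration>
  <location path="reports">
    <system.web>
      <authorization>
        <allow users="CONTOSO\alice, CONTOSO\bob" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
"""

def split(value):
    """Turn a comma separated attribute into a lower-cased set."""
    return {v.strip().lower() for v in (value or "").split(",") if v.strip()}

def load_rules(xml_text, path):
    """Return the ordered (action, users, roles) rules under <location path=...>."""
    for loc in ElementTree.fromstring(xml_text).iter("location"):
        if loc.get("path") == path:
            for auth in loc.iter("authorization"):
                return [(r.tag, split(r.get("users")), split(r.get("roles")))
                        for r in auth if r.tag in ("allow", "deny")]
    return []

def is_allowed(rules, user, roles=()):
    """First matching rule decides; user=None models an anonymous request."""
    name = (user or "").lower()
    held = {r.lower() for r in roles}
    for action, users, rule_roles in rules:
        hit = ("*" in users                            # everyone
               or ("?" in users and user is None)      # anonymous only
               or (user is not None and name in users)
               or bool(held & rule_roles))
        if hit:
            return action == "allow"
    return True  # no rule matched: model of the inherited default <allow users="*"/>

RULES = load_rules(WEB_CONFIG, "reports")

if __name__ == "__main__":
    for who in (r"CONTOSO\alice", r"CONTOSO\mallory", None):
        print(who, is_allowed(RULES, who))
    # Same rules with <deny users="*"/> first: the deny matches before the allow.
    print("reversed:", is_allowed(list(reversed(RULES)), r"CONTOSO\alice"))
```

Putting the <deny users="*"/> line above the <allow> line locks out the listed accounts as well, which is the ordering mistake to check for when reviewing a web.config.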


