Re: authorization different paths and roles

From: Hernan de Lahitte (hernan_at_lagash.com)
Date: 08/30/04 

Date: Mon, 30 Aug 2004 14:57:25 -0300

Hi Matias,

I assume that you are using Forms Authentication and you are filling the
roles info with the appropriate data. Otherwise if you use Windows Auth you
should add the domain info the group name (role). Regarding the first
scenario, your last config should be fine: (apply the same to the
'resourcemgr' folder with the 'resourceEditors' role)

> <location path="manager">
> <system.web>
> <authorization>
> <allow roles="admins" />
> <deny users="*" />
> </authorization>
> </system.web>
> </location>

This section may be located in the root web.config file.
You should have this setting in the system.web main section as well.

<authorization>
    <deny users="?" />
</authorization>

Notice that all users with the 'admins' role inlcuded in it's roles
collection will be allowed to access the manager folder. 

-- 
Hernan de Lahitte
Lagash Systems S.A.
http://weblogs.asp.net/hernandl
This posting is provided "AS IS" with no warranties, and confers no rights.
"Matias Woloski" <woloski@NOSPAMsion.com> wrote in message 
news:uazgtXpjEHA.3608@TK2MSFTNGP09.phx.gbl...
> Writing this, it won't allow anyone to get into manager,
>
> <location path="manager">
>  <system.web>
>   <authorization>
>    <allow roles="admins" />
>    <deny users="*" />
>   </authorization>
>  </system.web>
> </location>
>
> However, I still cannot make it work to only allow "admins" role.
>
> any ideas?
>
> thanks!
> Matias
>
> "naijacoder naijacoder" <naijacoder@toughguy.net> wrote in message
> news:eRVeRUVjEHA.2524@TK2MSFTNGP11.phx.gbl...
>> <location path="manager"> is this path MANAGER a drirectory in IIS or a
>> group?
>> Try using <deny> and see if it will go..
>> Cheers
>>
>>
>>
>>
>> *** Sent via Developersdex http://www.developersdex.com ***
>> Don't just participate in USENET...get rewarded for it!
>
>