Re: Cannot set specific authorization to a folder

Hi Magnus,
My understanding of the authorization rules is that the
ordering is important and that your <deny users="*"> will take
precedence
over your allow rule since it is listed first. Try changing the
ordering.

Failing that I have seen something similar where using the "hostname
\groupname" wasn't being processed correctly and
the apparent solution was to use "localhost\groupname" instead. I
guess that is worth a shot.

Dave.


On Nov 5, 11:30 pm, "Magnus" <magnus.blomb...@xxxxxxxxxx> wrote:
Thanks Joe, but I don't think Impersonate is applicable in this case. This
should just be when using code to access other resources as a database.
Tried it anyhow without any further success. Anyone that can confirm this,
and maybe help me?

/Magnus

"Joe Kaplan" <joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message

news:ewieuP$HIHA.5400@xxxxxxxxxxxxxxxxxxxxxxx

It doesn't look like you have impersonation enabled, so the security check
would be done with the process account instead of the identity of the
authenticated user.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Magnus" <magnus.blomb...@xxxxxxxxxx> wrote in message
news:ufCrVQ4HIHA.4712@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have a web application with the following web.config (I removed area
not regarded to security).
I have a local group called ITCoordinators that I want to give access to
the existing folder Downloads in my root application.

I have no problem to reach the root application, but when trying to
access Default.aspx in the folder Downloads I get Access Denied.
I am logged in as a domain user that is directly added in the local group
ITCoordinators.
I also tried from other computers but it doesn't work.
The local group ITCoordinators are located at my web server called sto45.
I also tried without writing sto45\ but it didn't work.
<configuration>
<system.web>
<authentication mode="Windows"/>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
<location path="Downloads" inheritInChildApplications="true">
<system.web>
<authorization>
<deny users="*" />
<allow roles="sto45\ITCoordinators" />
</authorization>
</system.web>
</location>
</configuration>

Please help
Regards /Magnus


.

Relevant Pages

  • Cannot set specific authorization to a folder
    ... I have a local group called ITCoordinators that I want to give access to the ... I have no problem to reach the root application, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Compile Time Attributes?
    ... my plan is to throw an exception from the call to Authorize. ... instead how I declare the authorization rules in my code. ... public Customer GetCustomer(String Id) ...
    (microsoft.public.dotnet.framework)