Re: Allow certain users for an intranet app
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 12 Feb 2008 13:53:21 +0000 (UTC)
Better create a windows group and use
<allow roles="Group" />
don't forget the
<deny users="*" />
at the end ;)
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
My web app reads/writes to the db and the company will only authorize
some users to access and run the app. It will be used as an intranet
behind Company's firewall. Should I add the users in the web.config
file as in the following:
<authentication mode="Windows"/>
<identity impersonate="true"/>
<authorization>
<allow users="b.smith, m.thomas" />
This will allow "b.smith" and "m.thomas" access to the app.
Thanks,
maa
.
- Prev by Date: RE: Impersonate
- Next by Date: RE: Impersonate
- Previous by thread: Adding Roles and Membership to 2003
- Next by thread: Exchange webDav Configuration
- Index(es):
Relevant Pages
|
