Re: wonky <authorization> (order matters?)
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 21 May 2008 00:15:32 -0500
Yes, it does matter. It evaluates each rule in order until it matches and
then it applies the allow or deny based on the match.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"SpaceMarine" <spacemarine@xxxxxxxxxxxxxx> wrote in message
news:1a2a6639-2b07-44cd-9451-79f20a085cdf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
hello,
i am using Windows authentication w/ my web app and lock it down via
roles. in my testing it seems like the *order* of the <authorization>
elements matters.
eg, this works:
<authorization>
<allow roles="Foo" />
<deny users="?" />
<deny users="*" />
</authorization>
but this doesnt:
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Foo" />
</authorization>
...for the latter my browser keeps popping a credentials dialog, even
tho im in the Foo role.
is this expected behavior? ASP.NET v2.
thanks!
sm
.
- References:
- wonky <authorization> (order matters?)
- From: SpaceMarine
- wonky <authorization> (order matters?)
- Prev by Date: Re: newbie help - Active Directory Membership Provider
- Next by Date: Cannot create RSA key container
- Previous by thread: wonky <authorization> (order matters?)
- Next by thread: Cannot create RSA key container
- Index(es):
Relevant Pages
|
