the folder that you want the restrictions on. In this new
web.config file, include the authorization tag for denying
all users.
-----Original Message-----
In my application I'm using forms authentication, but allowing allusers.
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>
And I don't want anybody to access to a special folder. So in web.configI wrote:
<location path="Data">
<system.web>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>
But Ýt doesn't work. I can access to .xml files in the directory. Cananyone see what is wrong...?
.