473,385 Members | 1,757 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > web.config question

Join Bytes to post your question to a community of 473,385 software developers and data experts.

Web.Config Question

Hi

I have a web site that uses forms authenication. Once a user is authenicated their role is writtern into the ticket (FormsAuthenticationTicket), then into a HttpCookie object.

I have set up the following in web.config
<customErrors defaultRedirect="GenericError.htm" mode="RemoteOnly">
<error statusCode="401" redirect="InsufficientAccess.apsx "/>
<error statusCode="403" redirect="InsufficientAccess.apsx "/>
</customErrors>

Further down in web config I have the following:

<location path="AdminPage.aspx">
<system.web>
<authorization>
<deny users="?" />
<allow roles="Admin" />
</authorization>
</system.web>
</location>

How do I set up access permissions only allowing users in the admin role permission to AdminPage.aspx, and all other users are to be redirected to the page as indicated by the <error ... /> section?

Craig
Nov 17 '05 #1
1 1840
Assuming you are using windows authentication.

<location path="AdminPage.aspx">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>

How this works is for page adminpage.aspx the application will allow users
in the Admin role to access the page, and then deny EVERYONE else.

The difference between the * and ? is * is ALL users. The ? is only
anonymous (or unauthenticated users).

Authoziation works top down, so it will look for a match in the order it is
listed. The allow must go before the deny everyone will be denied.

The way you had it would not allow any authenticated user to view the page,
then allow all users in the "admin" role to view the page, then allow
everyone else.

HTH,

bill

"Craig Pearson" <pe******@un.org> wrote in message
news:uo**************@TK2MSFTNGP09.phx.gbl...
Hi

I have a web site that uses forms authenication. Once a user is
authenicated their role is writtern into the ticket
(FormsAuthenticationTicket), then into a HttpCookie object.

I have set up the following in web.config
<customErrors defaultRedirect="GenericError.htm" mode="RemoteOnly">
<error statusCode="401" redirect="InsufficientAccess.apsx "/>
<error statusCode="403" redirect="InsufficientAccess.apsx "/>
</customErrors>
Further down in web config I have the following:

<location path="AdminPage.aspx">
<system.web>
<authorization>
<deny users="?" />
<allow roles="Admin" />
</authorization>
</system.web>
</location>
How do I set up access permissions only allowing users in the admin role
permission to AdminPage.aspx, and all other users are to be redirected to
the page as indicated by the <error ... /> section?

Craig
Nov 17 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
How to upgrade config file
by: Chinmoy Mukherjee | last post by:
Hi All, I have a config file as followings IP_ADDR=1.2.3.4 PORT=1290 IP_ADDR=1.2.3.5 PORT=1291
C / C++
22
Why XML config files?
by: Daniel Billingsley | last post by:
Ok, I wanted to ask this separate from nospam's ridiculous thread in hopes it could get some honest attention. VB6 had a some simple and fast mechanisms for retrieving values from basic text...
C# / C Sharp
6
can vb.net2003 create config file in bin directory?
by: Rich | last post by:
Hello, I picked up this example on using the Reflection namespace for loading forms/classes on the fly at msdn http://msdn.microsoft.com/library/default.asp?...
Visual Basic .NET
5
Can app.config be updated by the user?
by: Dean Slindee | last post by:
I store several application settings in the project's "app.config" file. I also have a form that reads these values and displays them in a listview so that the user can adjust them. My question...
Visual Basic .NET
11
Machine Config
by: TARUN | last post by:
Hello All I need to ask about the configuration file in .NET, There are Two config File 1. Web Config 2. Machine config I understand the the usage of Web config , but not able to understand...
ASP.NET
5
Yet another app.config question - Isn't this supposed to be easy?
by: Keith | last post by:
Hello all, I have a C# Windows Forms app. It is in namespace App.GUI. It builds to Nav.exe. I have entered an application level setting using the designer. Its type is string, name is "FOO"...
C# / C Sharp
5
ASP.NET 2.0 With DLL config files Shadow Copy Question
by: mark_overstreet | last post by:
I have a generic data layer DLL that expects to read its connection string from it's own config file. The dll and config file have been placed in the bin directory (VS.NET2005). However, due to...
C# / C Sharp
1
Simple question with config file
by: =?Utf-8?B?Y2FsZGVyYXJh?= | last post by:
Dear all, I am developing a multi tiers application and actually responsible of delivering the buines logic library. That buisnes logic library will need some parameters to be suitebale...
.NET Framework
12
Wiring up an App.Config file - deploying the App.Config file
by: dbuchanan | last post by:
Hello, (Is this the proper newsgroup?) === Background === I am building a solution with two projects. One project is my data access layer which contains my DataSet as an xsd file. The XSD...
.NET Framework
10
web.config question 2.0
by: eagle | last post by:
I have a web.config in my application that contains the connection strings to all my datasources. I want to move these connection strings to another web config up the folder hierarchy so that all...
ASP.NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!