|
ms
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
authorization problemauthentication for authenticating and authorizing users. He has the following layout of files and directories in his website: Root ....File Manager/ ....Files Employee/ ...Files He wants to configure Forms authentication in such a way that the following requirements are met: 1. Users with role employee can access web forms, which are either at root or in Employee folder. 2. Users with role manager can access all the web forms. For this purpose, he placed Web.config files in Manager and Employee folder. He has placed the following code in Web.config file: Employee/Web.config <system.web> <authorization> <allow roles="employee" /> <deny users="*" /> </authorization> </system.web> Manager/Web.config <system.web> <authorization> <allow roles="manager" /> <deny users="*" /> </authorization> </system.web> When he runs the application and logins with the manager role, he can access the web forms that are placed in the Manager folder, but he cannot access the web forms that are placed in the Employee folder. What could be the possible cause of this problem? Please discuss the authorization element to support your answer. Please try to find this problem. Regards Sonu Will a user in the "Manager" role also be in the "Employee" role? If not,
you need to change the Employee/Web.Config to include access for both roles e.g. Employee/Web.config <system.web> <authorization> <allow roles="employee,manager" /> <deny users="*" /> </authorization> </system.web> Show quoteHide quote "sonu" wrote: > Mark is creating a website using ASP.NET. He is using Forms > authentication for authenticating and authorizing users. He has the > following > layout of files and directories in his website: > > Root > ....File > Manager/ > ....Files > Employee/ > ...Files > > He wants to configure Forms authentication in such a way that the > following requirements are met: > 1. Users with role employee can access web forms, which are either at > root or in Employee folder. > 2. Users with role manager can access all the web forms. > > For this purpose, he placed Web.config files in Manager and Employee > folder. He has > placed the following code in Web.config file: > > Employee/Web.config > <system.web> > <authorization> > <allow roles="employee" /> > <deny users="*" /> > </authorization> > </system.web> > > Manager/Web.config > <system.web> > <authorization> > <allow roles="manager" /> > <deny users="*" /> > </authorization> > </system.web> > > When he runs the application and logins with the manager role, he can > access the web forms that are placed in the Manager folder, but he > cannot access the web forms that are placed in the Employee folder. > What > could be the possible cause of this problem? Please discuss the > authorization element to support your answer. > > Please try to find this problem. > > Regards > Sonu > > 
Thread options
Other interesting topics
AppDomains and Exceptions
String concatenation -- not the typical question How properly return XML from an ASPX page? cannot implicitly convert type string to bool Converting a float to a string DataView.Sort NaN How to detect a null value Scope and values of Object XML Schmell !!! Why can't my delegate be public? |
|||||||||||||||||||||||
