Folder Authorization.

Discussion in 'ASP .Net Security' started by Thammarat Charoenchai., May 24, 2005.

  1. Hi.

    How I set <location path="/admin"> for my all file in "xxx" folder.

    now i can use <location path="/admin/main.aspx"> it's work.

    but <location path="/admin">
    or <location path="admin/">
    or <location path="admin"> is error.


    anyone please help me. and sorry for my english :)
    Thammarat Charoenchai., May 24, 2005
    #1
    1. Advertising

  2. Thammarat Charoenchai.

    Brock Allen Guest

    > but <location path="/admin">
    > or <location path="admin/">
    > or <location path="admin"> is error.


    What error are you getting? The last one should work.

    -Brock
    DevelopMentor
    http://staff.develop.com/ballen
    Brock Allen, May 25, 2005
    #2
    1. Advertising

  3. When i use this code in /web.config

    <location path="admin">
    <system.web>
    <authorization>
    <allow users="admin"/>
    </authorization>
    </system.web>
    </location>

    I think it should be allow only user name "admin" but when I run it allow
    every user.

    but if I use

    <location path="admin">
    <system.web>
    <authorization>
    <deny users="*"/>
    </authorization>
    </system.web>
    </location>

    It's not allow all users.

    what i'm worng? :)
    Thammarat Charoenchai., May 26, 2005
    #3
  4. Hello Thammarat Charoenchai.,

    always add a <deny users="*" /> at the end.

    <location path="admin">
    <system.web>
    <authorization>
    <allow users="admin"/>
    <deny users="*" />
    </authorization>
    </system.web>
    </location>

    is the right one

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > When i use this code in /web.config
    >
    > <location path="admin">
    > <system.web>
    > <authorization>
    > <allow users="admin"/>
    > </authorization>
    > </system.web>
    > </location>
    > I think it should be allow only user name "admin" but when I run it
    > allow every user.
    >
    > but if I use
    >
    > <location path="admin">
    > <system.web>
    > <authorization>
    > <deny users="*"/>
    > </authorization>
    > </system.web>
    > </location>
    > It's not allow all users.
    >
    > what i'm worng? :)
    >
    Dominick Baier [DevelopMentor], May 26, 2005
    #4
  5. It's working. Thank you very much.
    Thammarat Charoenchai., May 26, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. THY
    Replies:
    3
    Views:
    2,909
    Alvin Bruney
    Oct 16, 2003
  2. William LaMartin

    _vti_cnf folder in the bin folder-- a problem?

    William LaMartin, Nov 10, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    1,683
    Oliver
    Nov 10, 2003
  3. Dan
    Replies:
    7
    Views:
    18,522
    catherine sea
    Oct 28, 2010
  4. SeanRW
    Replies:
    1
    Views:
    353
    Dominick Baier [DevelopMentor]
    May 25, 2006
  5. Magnus

    Cannot set specific authorization to a folder

    Magnus, Nov 5, 2007, in forum: ASP .Net Security
    Replies:
    3
    Views:
    185
    TygerKrash
    Nov 6, 2007
Loading...

Share This Page