<deny users="?" /> <allow users="*" />

K

Kylin

<!-- security -->
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

I know the <deny user="?" /> mean that deny the anonymous user ,
And I know the <allow user="*"> mean that allow all the user,
but they are together ,
what is the meaning ?
 
Y

Yunus Emre ALPÖZEN [MCAD.NET]

web.config file is interpreted line by line. This means deny anonymous user
and accepten users which are authenticated. When a user request wants to be
authorized, ASP.NET looks if it is a guest, if yes denies, otherwise allows
user.

Try to change line order and see what happens like:
<!-- security -->
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
 
R

Ravichandran J.V.

"?" stands for anonymous users and "*" for all users. So,

<allow users="Jv"/>
<deny users="?"/>

will allow user "Jv" but deny all anonymous users. You can use to separate
multiple identiies.

<allow users="Jv, Kylin"/>
<deny users="?"/>

with regards,

J.v.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ASP.NET 2.0 Authorization based on Combination of Allow/Deny Users/Roles. 1
Discord.js - Code not working 3
wonky <authorization> (order matters?) 1
newbie: allow deny vs deny allow 2
Forms Auth/Membership & Roles Providers/Secured Directory 1
I want to simulate social network activity. How to approach the problem? 1
Need tips on adding an auth layer to an existing webapp 1
Role base security and RedirectUrl 3

Members online

No members online now.
Total: 33 (members: 0, guests: 33)
Robots: 173

Forum statistics

Threads
473,754
Messages
2,569,528
Members
45,000
Latest member
MurrayKeync

Latest Threads

Top