C
cmrchs
Hi,
I'm having problems with the interpretation of roles in the <authentication> entries in web.config
Scenario :
I'm logging on as 'Administrator' and try to access a site for which the IIS-authentication method is set to 'Integrated Windows' only
Following are the web.config-entries of the site :
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="MYDOMAIN\Administrator" />
<deny users="*" />
</authorization>
When I access the site it displays :
Authenticated user: MYDOMAIN\Administrator
User was authenticated with: NTLM
Windows identity: MYDOMAIN\Administrator
==> OK
but... the following gives me an "Access Denied"
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow roles="MYDOMAIN\Administrators" />
<deny users="*" />
</authorization>
And I double-checked that Administrator is a member of the Administrators-group
I tried with other users-roles and every time I allow only access to roles doesn't I have access ??
How come ?
Any ideas ?
thanks
Chris
**********************************************************************
Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
Comprehensive, categorised, searchable collection of links to ASP & ASP.NET resources...
I'm having problems with the interpretation of roles in the <authentication> entries in web.config
Scenario :
I'm logging on as 'Administrator' and try to access a site for which the IIS-authentication method is set to 'Integrated Windows' only
Following are the web.config-entries of the site :
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="MYDOMAIN\Administrator" />
<deny users="*" />
</authorization>
When I access the site it displays :
Authenticated user: MYDOMAIN\Administrator
User was authenticated with: NTLM
Windows identity: MYDOMAIN\Administrator
==> OK
but... the following gives me an "Access Denied"
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow roles="MYDOMAIN\Administrators" />
<deny users="*" />
</authorization>
And I double-checked that Administrator is a member of the Administrators-group
I tried with other users-roles and every time I allow only access to roles doesn't I have access ??
How come ?
Any ideas ?
thanks
Chris
**********************************************************************
Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
Comprehensive, categorised, searchable collection of links to ASP & ASP.NET resources...