S
SpaceMarine
hello,
i am using Windows authentication w/ my web app and lock it down via
roles. in my testing it seems like the *order* of the <authorization>
elements matters.
eg, this works:
<authorization>
<allow roles="Foo" />
<deny users="?" />
<deny users="*" />
</authorization>
but this doesnt:
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Foo" />
</authorization>
....for the latter my browser keeps popping a credentials dialog, even
tho im in the Foo role.
is this expected behavior? ASP.NET v2.
thanks!
sm
i am using Windows authentication w/ my web app and lock it down via
roles. in my testing it seems like the *order* of the <authorization>
elements matters.
eg, this works:
<authorization>
<allow roles="Foo" />
<deny users="?" />
<deny users="*" />
</authorization>
but this doesnt:
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Foo" />
</authorization>
....for the latter my browser keeps popping a credentials dialog, even
tho im in the Foo role.
is this expected behavior? ASP.NET v2.
thanks!
sm