Chandra Eskay

Reputation: 2203

Deny access to specific roles

I have a folder UserManagement with role-based access, configured as below.

<authorization>
    <deny users="?" />
    <allow roles="UserAdmin_M"/>
    <allow roles="UserAdmin_MC"/>
    <deny roles="ReportsAdmin"/>
</authorization>

Admin will have access to other folders as well, like reports. Now the problem is, I have a user "TestUser" with roles UserAdmin_M and ReportsAdmin, but the application is blocking access to the "UserManagement" folder for TestUser. How can I overcome this?

Upvotes: 1

Views: 994

Answers (1)

James

Reputation: 82096

I might be wrong, but could this have something to do with the order in which you have assigned the roles to your user? MSDN states:

At run time, the authorization module iterates through the allow and deny elements, starting at the most local configuration file, until the authorization module finds the first access rule that fits a particular user account. Then, the authorization module grants or denies access to a URL resource depending on whether the first access rule found is an allow or a deny rule.

Make sure you are assigning the UserAdmin_M role before the ReportsAdmin rule.

FYI - you can comma-separate roles in your configuration:

<authorization>
    <deny users="?" />
    <allow roles="UserAdmin_M, UserAdmin_MC" />
    <deny roles="ReportsAdmin" />
</authorization>

Upvotes: 1
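The first-match behaviour described in the MSDN passage quoted in the answer, as an added example that is not part of the original question or answer: a small Python model (not ASP.NET's own code) that walks `<authorization>` rules in document order and stops at the first rule that fits the caller. It assumes a single configuration file, exact-match user and role names, and hypothetical names `first_match`, `QUESTION_RULES` and `REORDERED_RULES`.

```python
import xml.etree.ElementTree as ET

# Rules copied from the question's UserManagement folder.
QUESTION_RULES = """
<authorization>
    <deny users="?" />
    <allow roles="UserAdmin_M"/>
    <allow roles="UserAdmin_MC"/>
    <deny roles="ReportsAdmin"/>
</authorization>
"""

# Constructed variant: the same rules with the deny moved above the allows.
REORDERED_RULES = """
<authorization>
    <deny users="?" />
    <deny roles="ReportsAdmin"/>
    <allow roles="UserAdmin_M, UserAdmin_MC"/>
</authorization>
"""


def _names(value):
    """Split a comma-separated attribute into a set of trimmed names."""
    return {n.strip() for n in (value or "").split(",") if n.strip()}


def first_match(rules_xml, user, roles):
    """Return (action, rule_index) for the first rule that fits the caller.

    user=None models an anonymous request. (None, None) means no rule in
    this file matched, so evaluation would continue in the parent config,
    which this model does not cover.
    """
    held = set(roles)
    for index, rule in enumerate(ET.fromstring(rules_xml)):
        users = _names(rule.get("users"))
        rule_roles = _names(rule.get("roles"))
        fits = (
            "*" in users                            # every caller
            or ("?" in users and user is None)      # anonymous callers only
            or (user is not None and user in users) # named user (exact match)
            or bool(rule_roles & held)              # caller holds a listed role
        )
        if fits:
            return rule.tag, index                  # "allow" or "deny"
    return None, None
```

In this model the question's rules yield `allow` for a user holding both UserAdmin_M and ReportsAdmin, because the allow rule is reached first; placing the ReportsAdmin deny above the allow rules flips the result to `deny`.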
