r3try
Reputation: 677
Restrict access to ELMAH using custom RoleProvider
in my mvc-project i have set up ELMAH for the exception-handling. ELMAH comes with a frontend which can be accessed by "/elmah.axd".
In the web.config this is configured like this:
<location path="elmah.axd">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<allow roles="ADMIN" /> <!-- instead i want to use 'permission' from my custom RoleProvider -->
<deny users="*"/>
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="ELMAH"
verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah"
preCondition="integratedMode" />
</handlers>
</system.webServer>
</location>
If i would use the standard RoleProvider i would use the authorization as specified in the example above. But as i have a custom RoleProvider i can't / dont know how to do this. For my Views i have implemented a custom Authentication-Attribute which is very similar to the [Authorize] Attribute (but takes Permissions instead...). Now i want to specify the accessibility for "elmah.axd" (which is no physical file) using my custom RoleProvider.
Does anyone have a clue how i could archieve my goal?
Upvotes: 1
Views: 912
Related Questions
- How do I secure Elmah on ASP.Net MVC 4 with Windows Integrated Security : Elmah ignores my settings
- How can I restrict remote access to Elmah?
- Configuring custom authorization with ELMAH
- Custom authentication for Elmah in .net mvc
- How to set a custom route value so that only members with the Admin role can access my elmah.axd page in MVC3
- Password protect Elmah while web application Anonymously accessible
- How do i restrict access to elmah without using in-built authentication?
- How to secure Elmah in MVC in area
- How to provide only Access for ELMAH.axd for Administrator login in web
- Secure elmah with ASp.NET security but only to some users