Reputation: 1250
I am using Roll management and I am trying to give page and folder access according to user or user group, Also using server created AD group for user authentication.
I have default1.aspx
page as default and subdir1
folder to give different access for separate user group
I am using below logic in web.config.
<location path="subdir1">
<system.web>
<authorization>
<allow users ="?" />
</authorization>
</system.web>
</location>
I am facing problem to provide same access to 2 or more directory to same user so should I have to provide allow user code twice for both folder?
I can use this logic by repeating value for all folder but I want to do all access providing in one logic.
Upvotes: 0
Views: 137
Reputation: 1250
I have got the answer to configure folder/page access, For that i have to make different access as shown below..
Configure Access to a Specific File and Folder, Set up forms-based authentication. Request any page in application to be redirected to Logon.aspx automatically.
In the Web.config file, done the following code.
This code grants all users access to the Default1.aspx page and the Subdir1 folder.
<configuration>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
</forms>
</authentication>
<!-- This section denies access to all files in this application except for those that you have not explicitly specified by using another setting. -->
<authorization>
<deny users="?" />
</authorization>
</system.web>
<!-- This section gives the unauthenticated user access to the Default1.aspx page only. It is located in the same folder as this configuration file. -->
<location path="default1.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
<!-- This section gives the unauthenticated user access to all of the files that are stored in the Subdir1 folder. -->
<location path="subdir1">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
</configuration>
Users can open the Default1.aspx file or any other file saved in the Subdir1 folder in your application. They will not be redirected automatically to the Logon.aspx file for authentication.
Repeat configuration Step to identify any other pages or folders for which you want to permit access by unauthenticated users.
For more Reference check Microsoft support page - https://support.microsoft.com/en-us/kb/301240
And also you can check http://www.iis.net/configreference/system.webserver/security/authorization
After you have to do coding on login page for reference check this -> http://www.codeproject.com/Articles/13872/Form-authentication-and-authorization-in-ASP-NET
Upvotes: 3
Reputation: 927
Actually, the asp.net user access management spans widely so I've decided to introduce you two links which help me a lot. Hope this could help you as well. Understanding Role Management
Upvotes: 0