Reputation: 33098
Is it possible to have location authorization nodes in a web.config be external?
Is it possible to have location authorization nodes in a web.config be external?
Such that I could take all of the nodes simlar to
<location path="elmah.axd">
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="Admin">
<system.web>
<authorization>
<allow roles="Administrator, Representative" />
<deny users="*" />
</authorization>
</system.web>
</location>
And move them outside of the web.config or something simlar? I find these nodes at an extreme amount of noise to a web.config when they're relatively static. Normally my approach would be to config source something like this but since it falls under the root node I'm not sure of it's possible with these nodes.
Upvotes: 3
Views: 435
Answers (1)
Reputation: 21864
you can create a web.config inside each folder with appropriate security settings, all named web config.
- ~/members/web.config
- ~/members/vip/web.config
like:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authorization>
<allow roles="developers" />
<allow roles="testers" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
Per folder you can have one original web.config, so it would be a good approach to move resources (handlers, pages, controls) "per-authorazition" to that according folder.
Upvotes: 2
Related Questions
- authorization web.config
- Web.Config for Forms Authentication, Locations not available to anonymous users
- ConfigSource on Location element in Web.Config
- MVC 3 location allow users in web.config
- "location" based Authorization
- Conditional location authorization in web.config?
- Web.config allow location access for specific user
- web.config and authentification, authorization, location
- Location tag in web.config for authorization
- Location access in ASP.NET