Reputation: 725
Different authorizations for different pages?
My question is rather naive and I apologize for that .My web config file for a restricted access folder is as follows
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authorization>
<allow roles="Member" />
<allow roles="Admin" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
Now this applies to all the pages in the folder,is there a way I can modify it such that any user with the role Member will have access to say only members.aspx while Admin will have access to a whole bunch of pages .
I guess I could do it by creating different folders and storing different pages in the them and assigning the webconfig as needed but I was wondering if it was possible to have page level authorization (based on roles) in a single folder
Thanks !
Upvotes: 0
Views: 204
Answers (1)
Reputation: 194
You can specify access to different specific URLs in your site by using location elements. Note that you can configure all locations from your parent web.config; having multiple web.config files for this is not necessary.
<location path="members.aspx">
<system.web>
<authorization>
<allow roles="Member" />
<allow roles="Admin" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="adminsonly.aspx">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="?" />
</authorization>
</system.web>
</location>
Upvotes: 2
Related Questions
- how to authorize user into multiple page and vice versa
- Restrict access to some .aspx pages
- ASP.NET Deny Access to certain pages based on roles
- Multiple access rules to pages in ASP.NET
- Asp.net and security
- implement form authentication on some pages not all pages
- Aspx authorization in Web.Config
- using multiple authorization elements in web.config
- Specific page security on web.config
- Asp.Net deny access on certain pages to users