Sign In| Join
Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Apr 22, 2012 05:40 PM by M.Asadi
0 Points
10 Posts
Apr 14, 2012 06:36 AM|LINK
hello everyone
I customized membership &
I want to add access in one of the project folders
in the main web.config:
<authorization> <deny users="?"/> </authorization>
and in the folder web.config:
<configuration> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> <location path="Permission.aspx"> <system.web> <authorization> <allow roles="admin"/> <deny users="*"/> <deny users="?" /> </authorization> </system.web> </location> </configuration>
but it doesn't work
I logged with 2 users, one in admin role one in other roles
it blocks both users and remains message "URL authorization failed for the request. " in event viewer
When I changed
<allow roles="admin"/> to
<allow users="admin"/>
it work OK for this user
but I want to allow this role not only this user
Star
8841 Points
1701 Posts
Apr 14, 2012 06:54 AM|LINK
Hi
Use only:
<allow roles="admin" /> <deny users="?"/>
Apr 14, 2012 07:06 AM|LINK
I changed it as you said
but now
bot user type(=admin & non admin) can access to this form
Apr 14, 2012 07:24 AM|LINK
Download this complete sample with source code and use that as reference:
http://www.asp.net/web-forms/tutorials/security/admin/unlocking-and-approving-user-accounts-cs
Also there is a PDF
11225 Points
1815 Posts
Apr 14, 2012 08:06 AM|LINK
define your root web.config like mentioned below
<location path="Admin"> <system.web> <authorization> <allow roles="admin"/> <deny users="*"/> </authorization> </system.web> </location>
And define web.config in folder as
<system.web> <authorization> <allow roles=admin"/> <deny users="*"/> </authorization> </system.web>
refer Forms Authentication ticket for more info
Apr 14, 2012 08:07 AM|LINK
tnx for replying
I saw it (but not usefull).
I think some bad things happenning in my customized role or membership.
because when I changed the role(admin) to the user(admin) it works good & only this user has permission.
how can I trace the access configured in web.config & solve this problem?
no error are shown anywhere.
I checked the role of this user by this method & it returns true: new Membership.CRoleProvider().IsUserInRole("Admin", "admin")
Apr 14, 2012 08:12 AM|LINK
I did as U said but all user=admin+ non admin can not access to this folder
Apr 15, 2012 07:30 AM|LINK
Nobody has any idea?
Only I want to trace the cotsum role & Membership. How can I do?
Member
229 Points
246 Posts
Apr 16, 2012 12:34 AM|LINK
maybe this can help you
http://www.asp.net/web-forms/videos/authentication
I tried this as my reference :)
M.Asadi
0 Points
10 Posts
allow role access to an aspx page in web.config
Apr 14, 2012 06:36 AM|LINK
hello everyone
I customized membership &
I want to add access in one of the project folders
in the main web.config:
<authorization>
<deny users="?"/>
</authorization>
and in the folder web.config:
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
<location path="Permission.aspx">
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*"/>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
but it doesn't work
I logged with 2 users, one in admin role one in other roles
it blocks both users and remains message "URL authorization failed for the request. " in event viewer
M.Asadi
0 Points
10 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 06:36 AM|LINK
When I changed
<allow roles="admin"/> to
<allow users="admin"/>
it work OK for this user
but I want to allow this role not only this user
Primillo
Star
8841 Points
1701 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 06:54 AM|LINK
Hi
Use only:
Primillo
http://www.facebook.com/programandopuntonet
M.Asadi
0 Points
10 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 07:06 AM|LINK
I changed it as you said
but now
bot user type(=admin & non admin) can access to this form
Primillo
Star
8841 Points
1701 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 07:24 AM|LINK
Download this complete sample with source code and use that as reference:
http://www.asp.net/web-forms/tutorials/security/admin/unlocking-and-approving-user-accounts-cs
Also there is a PDF
Primillo
http://www.facebook.com/programandopuntonet
amit.jain
Star
11225 Points
1815 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 08:06 AM|LINK
define your root web.config like mentioned below
<location path="Admin">
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
And define web.config in folder as
<system.web>
<authorization>
<allow roles=admin"/>
<deny users="*"/>
</authorization>
</system.web>
refer Forms Authentication ticket for more info
amiT jaiN
ASP.NET C# VB Articles And Code Examples
M.Asadi
0 Points
10 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 08:07 AM|LINK
tnx for replying
I saw it (but not usefull).
I think some bad things happenning in my customized role or membership.
because when I changed the role(admin) to the user(admin) it works good & only this user has permission.
how can I trace the access configured in web.config & solve this problem?
no error are shown anywhere.
I checked the role of this user by this method & it returns true: new Membership.CRoleProvider().IsUserInRole("Admin", "admin")
M.Asadi
0 Points
10 Posts
Re: allow role access to an aspx page in web.config
Apr 14, 2012 08:12 AM|LINK
I did as U said but all user=admin+ non admin can not access to this folder
M.Asadi
0 Points
10 Posts
Re: allow role access to an aspx page in web.config
Apr 15, 2012 07:30 AM|LINK
Nobody has any idea?
Only I want to trace the cotsum role & Membership. How can I do?
paulalvin
Member
229 Points
246 Posts
Re: allow role access to an aspx page in web.config
Apr 16, 2012 12:34 AM|LINK
maybe this can help you
http://www.asp.net/web-forms/videos/authentication
I tried this as my reference :)