RE: help on Access to specific location ??

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Matt Tester" <MattTester@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 29 Sep 2005 01:15:43 -0700

Hi Serge,

If you're using Windows Authentication with Impersination set to true, then
ASP.NET runs under that users account, and so is subject to NTFS permissions.
To be honest, I haven't tried denying read access to a folder within a
website for a given user to see what happens, but I'd say you'd want to use
the ASP.NET approach for that kind of security.

At a guess I'd say ASP.NET would check the Request and allow it to continue
if the web.config allows it, after which it may be blocked by NTFS security.
It would therefore always take the access granted by both systems.

You'd really want to use the NTFS security for access to other resources or
folders, not directly under the control of ASP.NET.

Matt

"serge calderara" wrote:

> thanks for your answer mat,
>
> how to this authentification method behaves with NTFS permission set on
> th folder as well in case we use windows authentication of course.
>
> Does it take in account the most restrictive permission combine with
> webconfig file and folder security ?
>
>
> "Matt Tester" wrote:
>
> > Hi Serge,
> >
> > To allow users to certain area's, using the built in security framework,
> > requires the use of the "authorization" element in the config file. You can
> > then use the "location" element from with your config file to set other
> > folders have other security permissions. The other way is to place a separate
> > web.config in each folder you wish to secure, but the location element seems
> > more elegant.
> >
> > E.g. (hope the xml comes out ok!)
> >
> > <location path="pages/admin">
> > <system.web>
> > <authorization>
> > <deny roles="3"/>
> > </authorization>
> > </system.web>
> > </location>
> >
> >
> > Matt
> >
> > "serge calderara" wrote:
> >
> > > Dear all,
> > >
> > > How to configure in config file, the fact that all users get access to the
> > > root web folder but only some of them to a restricted forlder
> > >
> > > Any sample ?
> > >
> > > thnaks for your help
> > > regards
> > > serge
.

Prev by Date: UserControl Is Nothing
Next by Date: Re: Error opening AccessDB from the newly spawned thread
Previous by thread: UserControl Is Nothing
Next by thread: Re: Error opening AccessDB from the newly spawned thread
Index(es):
- Date
- Thread

Relevant Pages

Re: deny access to all but 1 folder
... which doesn't provide any security (other than by ... The default NTFS permissions on a Windows 2003 TS need no ... \borland folder by assigning it a different drive letter. ... MCSE, CCEA, Microsoft MVP - Terminal Server ...
(microsoft.public.windows.terminal_services)
Re: Cannot write to shared folder on W2K8 server
... I got a folder on a W2K8 Standard server. ... What are the SHARE security settings? ... NTFS Permissions / Domain Admins = FULL, ...
(microsoft.public.windows.server.general)
Re: Cannot write to shared folder on W2K8 server
... This posting is provided "AS IS" with no warranties, ... I got a folder on a W2K8 Standard server. ... What are the SHARE security settings? ... NTFS Permissions / Domain Admins = FULL, ...
(microsoft.public.windows.server.general)
Re: Filtering GPO
... where you would right click the folder and select security to bring up ntfs ... permission window. ...
(microsoft.public.windowsxp.security_admin)
Re: << Small Bus Server news of the week>>
... > will pick up the mail that is in the Incoming Mail folder. ... > A Chinese security group has released sample ... > Cyber law expert Pavan Duggal feels India's ... > A California blood bank has retrieved a stolen ...
(microsoft.public.backoffice.smallbiz)