RE: authorization problem
- From: Chris Williams <ChrisWilliams@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 20 Mar 2006 07:01:54 -0800
Will a user in the "Manager" role also be in the "Employee" role? If not,
you need to change the Employee/Web.Config to include access for both roles
e.g.
Employee/Web.config
<system.web>
<authorization>
<allow roles="employee,manager" />
<deny users="*" />
</authorization>
</system.web>
"sonu" wrote:
Mark is creating a website using ASP.NET. He is using Forms.
authentication for authenticating and authorizing users. He has the
following
layout of files and directories in his website:
Root
....File
Manager/
....Files
Employee/
...Files
He wants to configure Forms authentication in such a way that the
following requirements are met:
1. Users with role employee can access web forms, which are either at
root or in Employee folder.
2. Users with role manager can access all the web forms.
For this purpose, he placed Web.config files in Manager and Employee
folder. He has
placed the following code in Web.config file:
Employee/Web.config
<system.web>
<authorization>
<allow roles="employee" />
<deny users="*" />
</authorization>
</system.web>
Manager/Web.config
<system.web>
<authorization>
<allow roles="manager" />
<deny users="*" />
</authorization>
</system.web>
When he runs the application and logins with the manager role, he can
access the web forms that are placed in the Manager folder, but he
cannot access the web forms that are placed in the Employee folder.
What
could be the possible cause of this problem? Please discuss the
authorization element to support your answer.
Please try to find this problem.
Regards
Sonu
- References:
- authorization problem
- From: sonu
- authorization problem
- Prev by Date: RE: How to use class library when anthor class is used
- Next by Date: Re: Generics and casting
- Previous by thread: authorization problem
- Next by thread: popup text when user is in fullscreen directx app
- Index(es):
Relevant Pages
|
Loading
