Authorization Asp.net web.config

c# asp.net security web-config roles
26,609

Solution 1

Yes, exactly so (assuming you properly authenticated your users, and set their roles accordingly).

Check the MSDN article: https://docs.microsoft.com/en-us/previous-versions/dotnet/netframework-1.1/8d82143t(v=vs.71)

Solution 2

yes, you can add n roles like that.

If you prefer, you can also:

<allow roles="admin"/>
<allow roles="admin1"/>
<deny users="*"/>

Solution 3

Yes, roles, users and verbs takes comma separated values.

MSDN Reference

Share:
26,609
user29964
Author by

user29964

Updated on April 13, 2021

Comments

  • user29964
    user29964 about 3 years

    I have an application that has a backoffice. This backoffice was isolated with the use of roles like this:

    <location path="backoffice">
    <system.web>
        <authorization>
            <allow roles="admin"/>
            <deny users="*"/>
        </authorization>
    </system.web>
</location>

    But now we have another type of role that needs access. The companyadmin role.

    Can I just say?:

     <location path="backoffice">
        <system.web>
            <authorization>
                <allow roles="admin,companyadmin"/>
                <deny users="*"/>
            </authorization>
        </system.web>
    </location>
  • mbillard
    mbillard about 15 years
    what the hell is going on with that grammar?
  • user441521
    user441521 over 6 years
    @mbillard He's saying 'N' number of roles, meaning as many as needed.
  • General Grievance
    General Grievance about 3 years
    It may be important to note that order does matter. According to the docs, it will check one rule at a time in short-circuit fashion. i.e., if the first rule is a "deny all," then the resource will be denied. If the user passes by the first rule with an allow, then access is granted.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Custom error redirects not working
How to make home page as default page in asp.net
ASP.NET Core using custom authenticationhandler with cookieauthentication
Build Security Token Service (STS) application for ASP.NET website
ASP.NET Chart not working on server
How to store cookie permanently
The configuration section 'assemblies' cannot be read because it is missing a section declaration
WCF: The remote server returned an error: (413) Request Entity Too Large
Server Error in '/' Application
How sent e-mail from ASP.NET site using GMail's SMTP server?