Authorization set some page or folder in web.config in Asp.net
The authentication
set to some page only allowed public
page and other page only private page .How can developing these are things, Its
very easy to change Web.config file let us see…
<authentication mode="Windows/Forms ">
<authorization>
<deny users="*"/>
</authorization>
Now I wrote the Web.config file all page restrict the browser the project the Below Error.
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
IF you have changed the some page only allowed public Access to use to below source code.
Page Level
<location path="TestAuth.Aspx">
<system.web>
<authorization >
<allow users="*"/>
</authorization>
</system.web>
</location>
Folder Level:
If you have using Folder Authentication Account used the below code.
<location path="Account">
<system.web>
<authorization >
<allow users="*"/>
</authorization>
</system.web>
</location>
The Authorization using
-> User
-> Roles
<allow users="*"/> -The Allow to user view the page everyone,
<allow Roles="*"/> -The Allow to Roles view the page everyone,
<allow Roles="Admin, Customer"/> -The Allow to Roles view the page Admin an d customer,
Deny Anonymous user to access entire
websiteThis is the case when you want everybody to login before the can start browsing around your website. i.e. The first thing they will see is a login page.
<system.web>
<authentication mode="Forms">
</authentication>
<authorization>
<deny users="?"/> //will deny anonymous users
</authorization>
</system.web>Images and CSS files
Say you have all your images and CSS in a seperate folder called images and you are denying anonymous access to your website. In that case you might see that on your login page you cannot see images(if any) and css(if any) applied to your login page controls.
In that case you can add a web.config to the images and css folder and allow access to everyone to that folder. So your web.config in images folder should look as below:
<configuration>
<system.web>
<authorization>
<allow users="*"/> //Allow everyone
</authorization>
</system.web>
</configuration>
Common Mistakes
I have seen people complaining that they have setup their roles correctly and also made entry to their web.config but still their authorization doesn't work. Even they have allowed access to their role that user cannot access particular page/folder. The common reason for that is placing <deny../> before <allow ../>.
Say the web.config from AdminFolder as we have seen before is something like this:
//This web.config will not allow access to users even they are in Admin Role
<configuration>
<system.web>
<authorization>
<deny users="*"/> // deny everyone else
<allow roles="Admin"/> //Allows users in Admin role
</authorization>
</system.web>
</configuration>
Resources:
http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx
Written by Test
We are Creative Blogger Theme Wavers which provides user friendly, effective and easy to use themes. Each support has free and providing HD support screen casting.
0 comments:
Post a Comment