stackoom
  简体   繁体   中英

Authorization Asp.net web.config

 原文  2009-03-13 12:46:59       c#/ asp.net/ security/ web-config/ roles

Question

I have an application that has a backoffice. This backoffice was isolated with the use of roles like this:

<location path="backoffice">
    <system.web>
        <authorization>
            <allow roles="admin"/>
            <deny users="*"/>
        </authorization>
    </system.web>
</location>

But now we have another type of role that needs access. The companyadmin role.

Can I just say?:

 <location path="backoffice">
        <system.web>
            <authorization>
                <allow roles="admin,companyadmin"/>
                <deny users="*"/>
            </authorization>
        </system.web>
    </location>

3 answers

solution1
 9 ACCPTED  2009-03-13 12:51:44

Yes, exactly so (assuming you properly authenticated your users, and set their roles accordingly).

Check the MSDN article: https://learn.microsoft.com/en-us/previous-versions/do.net.netframework-1.1/8d82143t(v=vs.71)

solution2
 4  2009-03-13 12:48:14

yes, you can add n roles like that.

If you prefer, you can also:

<allow roles="admin"/>
<allow roles="admin1"/>
<deny users="*"/>

solution3
 4  2009-03-13 12:52:33

Yes, roles, users and verbs takes comma separated values.

MSDN Reference

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question web.config in asp.net web.config in ASP.NET 5 MVC 6 Web.Config file in asp.net Hardcoding into web.config in asp.net web.config issue in ASP.Net Asp.Net RequireSSL in Web.config ASP.NET - Conditional Web.config ASP.NET WebForms Url authorization and an infinite loop. Web.config not working? Web.Config authorization using claims instead of roles asp.net ASP .Net Web.config
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM