I've been trying to use the following code inside a web.config, that is inside the folder i want to have restricted access but without success, because every user with the path to the file can access it, anyone knows what is wrong?
the web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow roles="Administrador, Executivo, Publico" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
is inside the folder "Uploads"
I'm using forms authentication and it's configured in the main web.config:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
May this be a IIS configuration problem? Anyone has a clue?
Use Below code for web.config file
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow roles="Administrador, Executivo, Publico" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.