Web.config Deny access to subfolder recursively
Question
If I have a sub folder in my website called Admin and this folder has more sub folders. How can I configure a web.config file, that sits in Admin folder, to effect all the subfolders in it recursively?
Currently i have this, but it only caters for the admin folder, and doesn't effect the sub folders
<location path="Admin">
<system.web>
<authorization >
<deny users="?"/>
<allow roles="Admins"/>
</authorization>
</system.web>
Thanks.
2 answers
solution1
4 ACCPTED 2012-10-23 09:40:52
You need to deny all other users. By default, all users (including guests) are permitted to access all folders. If you want to deny access to anyone except certain users or roles, you need to deny this access after all rules. This implies to guests also.
<system.web>
<authorization >
<allow roles="Admins"/>
<deny users="*"/>
</authorization>
</system.web>
The rules are being checked one by one, so an admin fits to the first rule and getting access. All other users and guests will fall to the second rule and won't get access.
solution2
0 2012-10-23 09:17:10
You can define allowOverride property to true
<location path="path" allowOverride="true"/>
Link : http://msdn.microsoft.com/en-us/library/b6x6shw7(v=vs.71).aspx
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.