How we can Apply security Authorization On a Particular Folder in a website

Question

0.00/5 (No votes)

See more:

How we can Apply security Authorization On a Particular Folder containing various webforms in a website

i am using asp.net 4.0

Posted 7-Apr-11 9:00am

Shagun Bansal

Add a Solution

Comments

walterhevedeich 7-Apr-11 22:21pm

Just curious. Why would you want to put security authorization on folders in a website?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Answer 1 · 2011-04-07T09:04:00

Solution 1

Found this using google (google is free for everyone to use, BTW):

Place a separate web.config file in the desired folder that will deny access to every request to that folder if the user isn't in the Admin role.

It would look something like this:

<location path="MySecureFolder">  
    <system.web>   
        <authorization>    
            <allow roles="Admin"/>    
            <deny users="*"/>   
        </authorization>  
    </system.web> 
</location>

Posted 7-Apr-11 9:04am

#realJSOP

Comments

Shagun Bansal 7-Apr-11 15:35pm

but bu applying this the erroer comes:

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

Sandeep Mewara 8-Apr-11 1:17am

This means, you have now 2 web.config file in your root.

Better place this tag that JSOP suggested in the original Web.Config file.