Roles in web.config File

Discussion in 'Getting started' started by raohara, Jan 4, 2010.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. raohara

    raohara

    I purchased a storefront that uses an Admin section. Access to the Admin pages is restricted by entries in the web.config file like this one:

    Code:
    <system.web>
    <authorization>
      <allow roles="ADMIN,CUSTOMER SERVICE REP,CONTENT EDITOR"/>
      <deny users="*"/>
    </authorization>
</system.web>
    What I don't know is how and where to define the roles. Can someone help with that?

    Regards,

    Rich
     
    raohara, Jan 4, 2010
    #1
  2. mjp

    mjp

    Those sound like roles specific to the storefront application. You would have to check the application's documentation for implementation details.
     
    mjp, Jan 4, 2010
    #2
  3. raohara

    raohara

    Yes, that makes sense. Thanks.

    What I am after is to restrict access to the Admin pages so that an anonymous user can't see them, even though they are password protected. Can I add something like this to the web.config file:

    Code:
      <system.webServer>
    <security>
      <authorization>
        <add accessType="Deny" users="?" />
      </authorization>
    </security>
  </system.webServer>
    Regards,

    Rich
     
    raohara, Jan 4, 2010
    #3
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page