I want to lock certain users out of a certain page or using certain controls. What is the correct practice to do that?
Thank Youim not to sure about the absolute correct way to do this
but if you have login you can block people out of it by doing this
web config file
this will not allow any users in who are not logged in
<authorization>
<deny users="?" /> <!-- deny users not logged in -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
then to allow unauthorized users into a certain page i.e. who are not logged in
this will allow users who arent logged in to page
webform1.aspx - put in bottom of webconfig file
<location path="WebForm1.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
im not sure this is what you are looking for but it might help get you started
Our users will have to log in and that goes against Active Directory. However, only certain users are allowed to a certain page. Is the above the best way to approach this? Does that means that I will have to maintain who has rights through webconfig file and what page they have rights on?
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment