ASP.NET Tutorial/Authentication Authorization/Authorization: differences between revisions
Revision as of 15:30, 26 May 2010
Assign a particular username, or comma-delimited list of usernames, to the deny element
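The ASP.NET Framework uses a first-match algorithm: the rules are evaluated from top to bottom, and the first rule that matches the current user decides whether access is granted.
If you switched the allow and deny rules, then no one, not even Jane, would be allowed to access the pages in the folder, because the deny rule for all users would match first.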
File: SecretFiles\Web.Config
<configuration>
  <system.web>
    <authorization>
      <allow users="Jane" />
      <deny users="*" />
    </authorization>
  </system.web>
</configuration>
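The first-match evaluation described above can be checked offline before a configuration is deployed. The following Python sketch is an added example, not code from the tutorial or from ASP.NET itself: it evaluates the page's rules in both orders and flags rules that can never be reached. The function names, the user "Bob", the case-insensitive name comparison and the allow-all fallback when no rule matches are assumptions of this sketch.

```python
import xml.etree.ElementTree as ET

def load_rules(config_xml):
    """Return (action, users, roles) for each rule, in document order."""
    rules = []
    for el in ET.fromstring(config_xml).findall("system.web/authorization/*"):
        if el.tag in ("allow", "deny"):
            split = lambda v: [x.strip().lower() for x in v.split(",") if x.strip()]
            rules.append((el.tag, split(el.get("users", "")), split(el.get("roles", ""))))
    return rules

def matches(rule, user, roles):
    """user == "" stands for an anonymous request; names compared case-insensitively."""
    _, rule_users, rule_roles = rule
    if "*" in rule_users or ("?" in rule_users and not user):
        return True
    if user and user.lower() in rule_users:
        return True
    return any(r.lower() in rule_roles for r in roles)

def is_allowed(config_xml, user, roles=()):
    """The first rule that matches decides; later rules are never consulted."""
    for rule in load_rules(config_xml):
        if matches(rule, user, roles):
            return rule[0] == "allow"
    # Assumption: nothing in a parent config matches except the default allow-all.
    return True

def shadowed_rules(config_xml):
    """Rules listed after a users="*" rule are unreachable: flag them in review."""
    rules = load_rules(config_xml)
    for i, (_, users, _) in enumerate(rules):
        if "*" in users:
            return rules[i + 1:]
    return []

# The page's SecretFiles\Web.Config, and the same rules in swapped order.
PAGE_ORDER = """<configuration><system.web><authorization>
  <allow users="Jane" /><deny users="*" />
</authorization></system.web></configuration>"""
SWAPPED = """<configuration><system.web><authorization>
  <deny users="*" /><allow users="Jane" />
</authorization></system.web></configuration>"""

if __name__ == "__main__":
    for name, cfg in (("page order", PAGE_ORDER), ("swapped", SWAPPED)):
        # "Bob" is a constructed second user for illustration.
        print(name, {u or "(anonymous)": is_allowed(cfg, u) for u in ("Jane", "Bob", "")})
        print("  unreachable:", shadowed_rules(cfg))
```

A non-empty result from shadowed_rules is a review finding: the listed rules have no effect on who gets access.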
Authorizing by Role
When creating authorization rules, you can authorize by user role.
File: SecretFiles\Web.Config
<configuration>
  <system.web>
    <authorization>
      <allow roles="Administrator"/>
      <deny users="*"/>
    </authorization>
  </system.web>
</configuration>
Authorizing Files by Location
The location element can apply a set of authorization rules to a folder or page at a particular path.
File: Web.Config
<configuration>
  <system.web>
    <authentication mode="Forms" />
  </system.web>
  <location path="Secret.aspx">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>
</configuration>
Configuring Authorization
If you add the web configuration file to the SecretFiles folder, then unauthenticated users are blocked from accessing pages in the folder.
When Forms authentication is enabled, unauthenticated users are automatically redirected to the Login page.
The configuration file denies access to anonymous users.
The ? symbol represents anonymous (unauthenticated) users.
? Represents unauthenticated users.
* Represents all users (unauthenticated or authenticated).
File: SecretFiles\Web.Config
<configuration>
  <system.web>
    <authorization>
      <deny users="?"/>
    </authorization>
  </system.web>
</configuration>
Use the location element to apply configuration settings to a particular subfolder
File: Web.Config
<configuration>
  <system.web>
    <authentication mode="Forms" />
  </system.web>
  <location path="SecretFiles">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>
</configuration>