Form Based Authentication

Question

Form Based Authentication

If I wanted to make sure that AUTHENTICATED users were denied access to Enroll.aspx users and UNAUTHENTICATED users had access, how should the “allow / deny users” tags in the web.config file be set?

<location path="Enroll.aspx">
    <system.web>
      <authorization>
        <allow users = "?" />
        <deny users = "?" />
      </authorization>
    </system.web>
</location>

+3

security c # vb.net asp.net

John H. Jun 24 '10 at 19:47

source share

2 answers

Have you tried this?

<authorization>
<allow users = "?" />
<deny users = "*" />
</authorization>

Allow anonymous users to refuse all.

+2

Greg Jun 24 '10 at 19:59

source share

Biff magriff · Accepted Answer · 2010-06-24T20:00:26+0000

<allow users="?" />
<deny users="*" />

Gotta do the trick

Form Based Authentication

More articles: