authorization rules in web.config file - Csharp.Net

Q.  You want to configure the application to use the following authorization rules in web.config file.

• Anonymous users must not be allowed to access the application.
• All employees except ABC must be allowed to access the application.

- Published on 31 Aug 15

a.
<authorization>
<deny users=”ABC”>
<allow users=”*”>
<deny users=”?”>
</authorization>
b.
<authorization>
<allow users=”*”>
<deny users=”ABC”>
<deny users=”?”>
</authorization>
c.
<authorization>
<allow users=”ABC”>
<allow users=”*”>
</authorization>
d.
<authorization>
<deny users=”ABC”>
<deny users=”?”>
<allow users=”*”>
</authorization>

ANSWER:
<authorization>
<deny users=”ABC”>
<deny users=”?”>
<allow users=”*”>
</authorization>
 
First you deny user ABC. Then you deny anonymous users access by writing <deny users=”?”>. And last we allow to all other users access. This is proper order of the elements for the requirements of this scenario.

Post your comment / Share knowledge


Enter the code shown above:

(Note: If you cannot read the numbers in the above image, reload the page to generate a new one.)