monkeymagic2222
Technical User
Hi,
I've just started trying to get to grips with asp.net and i'm not really understanding how Windows Role Based Security works.
I am working on multiple intranet applications that I would like to control who can access to update and view. For example I have a phone list that I would like all users to see but only members of, say, IT to update.
I understand that I can do this using the web.config file within the folder containing the application. For example:
<authorization>
<allow roles="TESTDOMAIN\IT" />
<deny users="*" />
</authorization>
But the above example just returns an "Access Denied" error. I can use the same web.config file to restrict users by logon name, which works:
<allow users="DOMAIN\USER" />
<deny users "*">
but not group, yet when I add the following to the actual webpage I would like restricted:
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If User.IsInRole("TESTDOMAIN\IT") Then
Label1.Text = User.Identity.Name & " is in I.T."
Else
Label1.Text = User.Identity.Name & " is not in I.T."
End If
End Sub
End Class
It tells me I am a member of TESTDOMAIN\IT which is correct.
Is there something i'm missing here or is there a better way of doing this? I am using IIS 6, Asp.net 2.0 and on a Windows 2003 network.
Thanks in advance.
I've just started trying to get to grips with asp.net and i'm not really understanding how Windows Role Based Security works.
I am working on multiple intranet applications that I would like to control who can access to update and view. For example I have a phone list that I would like all users to see but only members of, say, IT to update.
I understand that I can do this using the web.config file within the folder containing the application. For example:
<authorization>
<allow roles="TESTDOMAIN\IT" />
<deny users="*" />
</authorization>
But the above example just returns an "Access Denied" error. I can use the same web.config file to restrict users by logon name, which works:
<allow users="DOMAIN\USER" />
<deny users "*">
but not group, yet when I add the following to the actual webpage I would like restricted:
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If User.IsInRole("TESTDOMAIN\IT") Then
Label1.Text = User.Identity.Name & " is in I.T."
Else
Label1.Text = User.Identity.Name & " is not in I.T."
End If
End Sub
End Class
It tells me I am a member of TESTDOMAIN\IT which is correct.
Is there something i'm missing here or is there a better way of doing this? I am using IIS 6, Asp.net 2.0 and on a Windows 2003 network.
Thanks in advance.