top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

How to allow users in particular role to access folders in ASP.NET?

+2 votes
361 views
How to allow users in particular role to access folders in ASP.NET?
posted Dec 23, 2014 by Sathyasree

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

I have two folders one is Administrator folder and another one is Customer folder. Now I want give permissions like Admin role users are able to access both the folders and Customer role users are able to access only Customer folder for that we need to set the condition like this in web.config file.

<configuration>
<location path="AdminFolder">
<system.web>
<authorization>
<allow roles="Admin"/> <!—Allows Admin role Users-->
<deny users="*"/> <!--Deny everyone else Admin role Users-->
</authorization>
</system.web>
</location>
<location path="CustomerFolder">
<system.web>
<authorization>
<allow roles="Admin, Customers"/> <!--Allow users in Admin and Customers roles-->
<deny users="*"/> <!--Deny rest of all-->
</authorization>
</system.web>
</location>
</configuration>

In this way we can allow or deny resources to particular user or role by using authorization in web.config.

Note: Here one thing we need to remember that allow statement always before the deny statement because if we place deny statement first and then allow statement in this situation allow statement properties won’t work.

answer Dec 26, 2014 by Shivaranjini
...