Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Allow only anonymous users via web.config authorization

I want to use authorization in the web.config to block access to SignUp.aspx to authenticated users. It cannot be accessed by user such as their roles is administrator and Guest.

<location path="SignUp.aspx">
    <system.web>
        <authorization>
            <allow users="?"/>
        </authorization>
    </system.web>
</location>

    <authentication mode="Forms">
        <forms name="AuthCookie" loginUrl="Login.aspx" timeout="60" 
                           defaultUrl="Index.aspx"/>
    </authentication>
    <authorization>
        <deny users="?"/>
    </authorization>
like image 982
user1861753 Avatar asked Jan 06 '13 07:01

user1861753


1 Answers

    <authorization>
        <allow users="?"/>
        <deny users="*"/>
    </authorization>

Can't actually validate it now but it should do the trick. The explicit denial of all other users should allow only unauthenticated users allow the page.

like image 194
Wiktor Zychla Avatar answered Nov 22 '22 23:11

Wiktor Zychla