location path used with MVC app doesn't work

Question

I want to use the location path , allow user and deny user to restrict access in my MVC app. This is the section that I added to the web.config

 <location path="Views/Admin/Ticketing/Seasons.aspx">
<system.web>
  <authorization>
    <allow users="admin" />
    <deny users="user1" />
  </authorization>
</system.web>
</location>

It is not working. non-admin users, like user1 can still view the page. I am not sure if it is because I have the routing set up differently or wrong.

This is the URL of the tab I want to block

http://marilyndenisservices.localhost/Admin/TicketingSeasons

This is the physical path of this page on disk D:\dev\MarilynDenisServices\src\Web\Views\Admin\Ticketing\Seasons.aspx

And this is how I configured it on the view model

<div id="menucontainer">
<ul id="menu">

<li><%= Html.ActionLink("Ticketing", "TicketingSeasons", "Admin") %></li>

</ul>
</div>

This is my action

public ActionResult TicketingSeasons()
    {
        return View("Ticketing/Seasons");
    }

Can someone tell me what I am doing wrong?

Answer 1

Try this location path:

<location path="Admin/TicketingSeasons">
<system.web>
  <authorization>
    <allow users="admin" />
    <deny users="user1" />
  </authorization>
</system.web>
</location>