Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net Security (http://www.velocityreviews.com/forums/f62-asp-net-security.html)
-   -   Problems with allowOverride (http://www.velocityreviews.com/forums/t766464-problems-with-allowoverride.html)

Robert Scheer 08-20-2004 08:56 PM

Problems with allowOverride
 
Hi.

I am trying to use allowOverride in my web.config file, in order to
deny changes made by other configuration files. I want to allow only
the main web.config file sitted on my root folder to work. I tried
some different configurations with no success. When I run the
application, it seems that my loginUrl parameter is ignored. That's my
last web.config (only the relevant sections):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

<location path="Brokers" allowOverride="false"> <!-- Does not work
-->
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>


<location path="Intro.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

<location path="News.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

<system.web>


<authentication mode="Forms">
<forms loginUrl = "Index.aspx" name = ".autind" protection="All"
path="/" />
</authentication>

<authorization>
<allow users="*" />
</authorization>


</system.web>
</configuration>

Brokers is my root folder. How can I change web.config to deny other
config files under my root folder?

Thanks,
Robert Scheer


All times are GMT. The time now is 10:54 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.