Authorization
Authorization is the process of determining the accessibility to a resource for a previously authenticated user. Note that authorization can only work with authenticated users, hence ensuring that no un-authenticated user can access the application. The default authentication mode is anonymous authentication. There can be three types of authorization in ASP.NET. They are
· URL Authorization
· File Authorization
· Authorization based on ACLs
Authorization like authentication is specified in the web.config file of the application. The following specification in the web.config file allows or grants access to the user Joydip but denies the same to Jini and all anonymous users. Note that the allow/ and deny/ element ordering is important, since the first one that matches the request will be used. Hence, if you were to add a deny users="*" / to the top of the list, it would always deny everyone, regardless of any allow / elements that followed it.
authorization
allow users="Joydip"/
deny users="Jini"/
deny users="?"/
/authorization
15 years ago
No comments:
Post a Comment