There are two ways to authorize a resource :
File authorization : is performed by the FileAuthorizationModule. It checks the access control list (ACL) of the .aspx or .asmx handler file to determine whether a user should have access to the file.
URL authorization : is performed by the UrlAuthorizationModule, which maps users and roles to URLs in ASP.NET applications. This module can be used to selectively allow or deny access to arbitrary parts of an application (typically directories) for specific users or roles.
To enable URL authorization, you specify a list of users or roles in the allow or deny elements of the authorization section of a configuration file.
<[allow/deny] users roles verbs />
verbs mean actions such as GET , HEAD and POST
Posts
No comments:
Post a Comment