Customizing authorization
Customizing authorization
Syntax
<location path="">
<system.web>
<authorization>
<allow users=""/>
</authorization>
</system.web>
</location>
Remarks
<location>: point to a folder/file inside the website folder that needs to be applied a special setting rather than the inherited setting (from the application folder). There are four paths that we need to configure: Guidelines, RequestPassword.aspx, /Common/WaitingPage.aspx, and Images.
<allow users>: we use the two following types of authorization:
'*': All users, including authenticated and anonymous users.
'?': all non-authenticated, or anonymous, users.
Required setting
<location path="Guidelines">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="RequestPassword.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<location path="Common/waitingpage.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</</system.web>
</</location>
<location path="Images">
<system.web>
<authorization>
<allow users="?"/>
</</authorization>
</</system.web>
</</location>
<location path="CommunicatorModule/webservice">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<location path="CommunicatorModule/SMS">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>