Asp.net and security

I have an asp.net 3.5 website with using forms authentication and asp.net roles and membership. I have an image in folder images. In my web.config i give access to this folder

<location path="images">
    <system.web>
        <authorization>
            <!-- Order and case are important below -->
            <allow roles="*"/>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>

I can see the image from a page in my root. When i traverse to a page(Page.aspx) one folder down, the image is not visible, ie /Operational/Page.aspx.

How should i setup authorisation with regards to subfolders?


It can be a path issue. As I guess you settings are good you don't need to change it.

You can view the path in the browser and see if there path are correct or not.

You can use firebug or Firefox to check the path.

链接地址: http://www.djcxy.com/p/90156.html

上一篇: 在asp.net web.config中的多个基于角色的文件夹授权

下一篇: Asp.net和安全性