Multiple role based folder authorization in asp.net web.config

2018-07-02 08:12:43

In my application I have multiple folder which have multiple webpage. I am using Asp.net membership identity for authentication. I have designed different folder for different task. Every folder has its web.config file which is used for role access for folder to users and some of them user has multiple role.

In some folder user should have multiple role to access that folder.

Basically in web.config file <allow roles="Admin, HR"/> provide access to either Admin or HR.

But my concern is that if specific user has both roles then he will have the access to that folder neither Admin nor HR have access to that folder.

请看看这是否有帮助：

 <location path="restrictedPages">
       <system.web>
            <authorization>
               <allow roles="Admin" />
               <deny users="*" />
            </authorization>
          </system.web>
        </location>

         <location path="restrictedPages">
       <system.web>
            <authorization>
               <allow roles="HR" />
               <deny users="*" />
            </authorization>
          </system.web>
        </location>

链接地址: http://www.djcxy.com/p/90158.html

上一篇: 角色提供者的替代品？

下一篇: 在asp.net web.config中的多个基于角色的文件夹授权