location authorization

[TdarTdar]

Hello,
using the location stuff, do i have to define this for each sub directory in
this directory also or is there something i can do to include the
subdirectories in the=:


<location path="SITE_ADMIN" >
<system.web>
<authorization>
<allow users="SADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>


would i have to this:
<location path="SITE_ADMIN/GIS" >
<system.web>
<authorization>
<allow users="SADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="SITE_ADMIN/GIS/CITY" >
<system.web>
<authorization>
<allow users="SADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>

for every directory i have under that directory, because when a loged in
user browses a page that is in that subdirectory they get the log in screen
like they dont have premission to view but it is in the SITE_ADMIN and they
are in the SADMIN role.

?

 

[[MSFT]]

Hello,

You don't need to define it for each sub diretocy, only the top one is
enough:

<location path="SITE_ADMIN" >
<system.web>
<authorization>
<allow users="SADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>

Luke

 

[TdarTdar]

Then why when a user that is in the sadmin group calls a page in that area it
flips me to the login.aspx

 

[TdarTdar]

also I should mention the SP that you have in SQL for the adding new roles
was missing the roleid = newid() in the sp, I was not able to add a new role
until i fixed this on the sql server 2k. I will post sp tomorrow so you can
check it out for everyone else..

 

[[MSFT]]

I missed an issue in my last message:

<location path="SITE_ADMIN" >
<system.web>
<authorization>
<allow users="SADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>


I think it should be:

<allow roles="SADMIN" />

Hope this help,

Luke

 

[TdarTdar]

ah.. damn why is it always the small things that cause big problems...

 

[[MSFT]]

I am glad to hear that we found the problem.

Luke