What's the easiest way to secure a web folder?

G

gnewsgroup

I have a membership web application. A user is either an
administrator or a regular user (only 2 roles)

I have an admin folder in this application. I want only
administrators to be able to access that folder.

I am not using the .net member/role/profile framework. What's the
easiest way to secure that admin folder?

Thanks.
 
M

Misbah Arefin

set the role required for the admin pages via the locations section in the
web.config

<location path="admin">
<system.web>
<authorization>
<allow roles="admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
 
J

Juan T. Llibre

re:
!> set the role required for the admin pages via the locations section in the web.config

The OP specifically stated that he is *not* using the "member/role/profile framework"

So, the easiest way to secure that admin folder is to *implement membership and roles*,
and *then* secure the folder as you describe in your answer.
 
G

gnewsgroup

re:
!> set the role required for the admin pages via the locations section in the web.config

The OP specifically stated that he is *not* using the "member/role/profile framework"

So, the easiest way to secure that admin folder is to *implement membership and roles*,
and *then* secure the folder as you describe in your answer.

Juan T. Llibre, asp.net MVP
asp.net faq :http://asp.net.do/faq/
foros de asp.net, en español :http://asp.net.do/foros/
Click to expand...

Haha, that's a good answer. I may look into it and implement a very
basic membership provider. Thx.
 
J

Juan T. Llibre

re:
!> Haha, that's a good answer.

<chuckle>

re:
!> I may look into it and implement a very basic membership provider.

That will, certainly, do it for you.

re:
!> Thx.

You're quite welcome.
If you run into any problems implementing the membership provider or the roles, post again.




re:
!> set the role required for the admin pages via the locations section in the web.config

The OP specifically stated that he is *not* using the "member/role/profile framework"

So, the easiest way to secure that admin folder is to *implement membership and roles*,
and *then* secure the folder as you describe in your answer.

Juan T. Llibre, asp.net MVP
asp.net faq :http://asp.net.do/faq/
foros de asp.net, en español :http://asp.net.do/foros/
Click to expand...

Haha, that's a good answer. I may look into it and implement a very
basic membership provider. Thx.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What's the easiest way to secure a page? 2
Web publish locally 2
How to effectively develop a web application from scratch? 0
Simple web framework - improvements to makefile 0
What's the easiest way to create a grid with rowspan/colspan? 2
Easiest way to create a Server Control from a Web User Control 1
Secure Folders 2
Specify a Specific Folder for ASP.NET Debugging? 0

Members online

No members online now.
Total: 43 (members: 0, guests: 43)
Robots: 146

Forum statistics

Threads
473,997
Messages
2,570,240
Members
46,830
Latest member
HeleneMull

Latest Threads

Top