URL Authorization
One of the downsides of File Authorization is the maintenance of the ACLs on the resources that you want to protect. ACLs are frequently lost when using FTP to transfer files to a Web site. ACLs also have a sometimes-confusing inheritance model that, for a large site, can cause maintenance headaches. ASP.NET provides URL Authorization as a way to authorize users by attaching role information to URLs within a Web site. This URL to Role mapping is done in the web.config file. The URL Authorization module uses the <authorization> element to store this mapping. You saw this earlier in the web.config file used in Listing 7.3. The authorization element can contain both allow and deny elements. Both allow and deny elements have a users ...
Get C#® Developer's Guide to ASP.NET, XML, and ADO.NET now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.