View Single Post
  #1 (permalink)  
Old February 17th, 2006, 10:42 AM
Janag Janag is offline
Registered User
 
Join Date: Dec 2005
Location: Santa Fe, NM, USA.
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Windows Authentication in Web.Config

I'm hoping someone can help me...

I have an employee intranet with one folder I want to secure for admin staff only. I have tried: 1) to edit the web.config in the root and 2) create additional web.config in folder to be secured (and creating application for that folder in IIS). My problem is a little bizarre.

As long as the allow users for the admin folder is a single user, it works fine. When I add a second user or change the user to a windows group, it doesn't work. Can anyone help? Here is what I have in my web.config...

<configuration>
   <location path="Admin">
      <system.web>
         <authorization>
            <allow users="domain\group" />
            <deny users="*" />
         </authorization>
      </system.web>
   </location>

   <system.web>

      <compilation defaultLanguage="c#" debug="true" />

      <customErrors mode="RemoteOnly" />

      <authentication mode="Windows" />

      <authorization>
         <allow users="*" />
      </authorization>

And so on...