asp.net authorization -
In my asp.net application, I have an asmx web service which it has in its directory for this ws I Under 6.0 the basic authentication is set and the separate web for that folder. Added config, with the following nodes:
& lt; System.web & gt; & Lt; Authority & gt; & Lt; Allow users = "domain \ username" / & gt; & Lt; Deny users = "*" /> & Lt; / Authorization & gt; & Lt; /system.web>
Error messages with this type of settings 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials and authentication methods on the web server given to you. Contact the web server administrator for additional help.
When webmath is implemented with SOAPUI or browser, if I deny the node, then any valid user in the domain can get a web service response.
Any suggestions on how to make it work for a single domain user?
Perhaps I should mention this, besides the main web That authentication in the config has been set to "Windows".
updated:
Oh, I ignored the fact that You have parents, my mistake After parental permission is set to default, you can set up per-user access to child web service / app.
The most powerful configuration I could setup was the following.
Parents, I used this barebones setup (no permission):
& Lt; Authentication mode = "Windows" /> & Lt; Identification impersonation = "true" /> & Lt; Authority & gt; & Lt; Deny users = "*" /> & Lt; / Authorization & gt; & Lt; /system.web> & Lt; / Configuration & gt;
Then for the child (web service, in your case), I have used this setup (only DOMAIN \ username
is allowed in the principal ):
& Lt; / Authorization & gt; & Lt; /system.web> & Lt; / Configuration & gt;
As a result, there is no access to the original level, but only given users at the child level (web service) Also, as you mentioned, setting authorization mode does not work on child web.config
.
Despite setting up at least one allow
entry on the web.config, no one can enter it, because the parent's reject
Entry takes priority.
The original
Your settings work for me, but I believe that some elements are missing.
Try to include the cloning element, make sure the authentication mode is set to Windows, and if IIS is deployed, make sure that anonymous access is turned off in the IIS location.
Try the following barebones config, enable debug on or off as per your requirement:
& Lt; Authentication mode = "Windows" /> & Lt; Identification impersonation = "true" /> & Lt; Authority & gt; & Lt; Allow users = "DOMAIN \ username" /> & Lt; Deny users = "*" /> & Lt; / Authorization & gt; & Lt; /system.web> & Lt; / Configuration & gt;
Comments
Post a Comment