开发者

web.config secure one file: can you use AD distribution groups?

问答 作者:

I have the following in my web.config:

<location path="DeleteJob.aspx">
    <system.web>
      <authorization>
        <allow roles ="MyDomain\PointOne Team"/>
        <allow roles ="MyDomain\PointOne Schedulers"/>
        <deny users = "*"/>
      </authorization>
    </system.web>
</location>

The problem is, the people in the "PointOne Team" still can't access the DeleteJobs.开发者_运维百科aspx page.

Is that because the "PointOne Team" is a "Distribution Group" in AD, and not a "Security Group"?

Thanks!

Distribution groups are intended to be used solely as email distribution lists. These lists are for use with email applications such as Microsoft Exchange or Outlook.

As a generic rule, you can't use distribution groups to assign permissions on any objects, whatsoever. This includes pages inside an asp.net web application.

If you need to set permission, create a security group with the necessary people in it. As an alternative, you might consider converting the distribution group to a security group, if you are not using it for distribution purposes anyway.

继续阅读:asp.netsecurityweb-config

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9