How should I configure IIS 7 to work with my web.config authorization?
Posted on 2015-01-08
Hi, I'm using C# and asp.net in vs2012 and IIS7
In my web.config, I have as follow. In IIS for this site, in Authentication, i disabled all and enable Windows. What should I set in the Authorization in IIS?
There is a default rule that "Allows all users", should I delete that and leave that blank?
If I add a user in my web.config file, do I need to restart the app pool for this to take effect?
<allow users="domian\userid1" />
<allow roles="doming\usergroup1" />
<deny users="*" />