Avatar of David Bach
David Bach
Flag for United States of America

asked on 

IIS Authorization For Roles And Users


With regard to adding authorization via IIS 7+ I can add an Allow rule via IIS Manager which results in updating the web.config as follows:
                <windowsAuthentication enabled="true" />
                <add accessType="Allow" roles="Admin" />

Open in new window

Using this example, where is the role of Admin defined? If I were to guess it would be Microsoft Active Directory.

My web application, written in Visual Basic ASP.NET, uses forms based authentication and the <location> tag in web.config to govern access to most of the website. However, this application also contains classic ASP scripts which are not governed by ASP.NET since classic ASP is not managed code. It is for this reason I surmised using IIS authentication and authorization.

But I don't know where the role and user names are defined to which IIS authorization references.

Any assistance would be most appreciated.

Much thanks,
David Bach
Microsoft IIS Web ServerWeb DevelopmentASP.NET

Avatar of undefined
Last Comment
David Bach

8/22/2022 - Mon