I am using ASP.NET/C#, and I am using role-based authorization for access to many of my pages. Until now I have only two pages that are accessible to only the Admin role. For denying access to other roles I am using this in my Web.config file:
<location path="CreateAccount.aspx">
  <system.web>
    <authorization>
      <allow roles="Admin"/>
      <deny users="*"/>
    </authorization>
  </system.web>
</location>
This is for page 1. Suppose in future I keep adding more pages that are only accessible to the Admin role; how do I manage that? Should I add a location element per page, or is there a way around it? I know I can group them in a folder and then add a web.config file for that. Is this a better approach if I add many pages in future?
Thanks for any suggestions.
I would probably go the other way – by default all pages are at the highest restriction level (possibly admin) and then whitelist ones that others can access. This means that if a page is added and the config isn’t updated, no one who should not be able to see it will be able to.
As to how to achieve this: yes, having a web.config in a subdirectory is probably the easiest way.
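The default-deny layout described in the answer, as an added example that is not part of the original question or answer. The role name "Editor", the page "Reports.aspx" and the folder "Public" are hypothetical; only the "Admin" role comes from the question.

```xml
<?xml version="1.0"?>
<!-- Root Web.config (added example). "Editor", "Reports.aspx" and the
     "Public" folder are hypothetical names used for illustration. -->
<configuration>
  <system.web>
    <!-- Site-wide default: Admin only. Rules are checked top to bottom
         and the first match wins, so the allow must precede the deny.
         A newly added page inherits this without any config change. -->
    <authorization>
      <allow roles="Admin"/>
      <deny users="*"/>
    </authorization>
  </system.web>

  <!-- Exception 1: a single page opened to one additional role. -->
  <location path="Reports.aspx">
    <system.web>
      <authorization>
        <allow roles="Admin,Editor"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>

  <!-- Exception 2: a whole folder opened to any signed-in user.
       "?" matches anonymous users, "*" matches everyone.
       The same authorization block could instead be placed in a
       Web.config file inside the Public folder. -->
  <location path="Public">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
</configuration>
```

With this layout the list of exceptions is the only thing that grows, and forgetting to update it leaves a new page restricted to Admin rather than exposed.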