Home/ Questions/Q 8360789
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T11:33:02+00:00

I have a folder UserManagement with role based access and is as below. <authorization>

  • 0

I have a folder UserManagement with role based access and is as below.

<authorization>
    <deny users="?" />
    <allow roles="UserAdmin_M"/>
    <allow roles="UserAdmin_MC"/>
    <deny roles="ReportsAdmin"/>
  </authorization>

Admin will have access to other folders as well like reports.
Now the problem is, I’m having an user “TestUser” with roles UserAdmin_M and ReportsAdmin but the application is blocking the access to “UserManagement” folder for TestUser. How to overcome this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I might be wrong, but could this have something to do with the order in which you have assigned the roles to your user? From MSDN it states:

    At run time, the authorization module iterates through the allow and deny elements, starting at the most local configuration file, until the authorization module finds the first access rule that fits a particular user account. Then, the authorization module grants or denies access to a URL resource depending on whether the first access rule found is an allow or a deny rule.

    Make sure you are assigning the UserAdmin_M role before the ReportsAdmin rule.

    FYI – you can comma separate roles in your configuration:

    <authorization>
    <deny users="?" />
    <allow roles="UserAdmin_M, UserAdmin_MC" />
    <deny roles="ReportsAdmin" />
</authorization>
    • 0