Home/ Questions/Q 6321173
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T16:06:15+00:00

I have created application and implemented ELMAH logging. In my site there are three

  • 0

I have created application and implemented ELMAH logging. In my site there are three types of users.

  • Admin : can everything (rights to view elamh.axd)
  • User : can have own rights (can’t view elamh.axd)
  • Guest : only view (can’t view elamh.axd)

    • The above user will be stored in Database.

    Probelm:-
    Now how could i manage protection level for User and Guest to view ELMAH.axd log file?

    Share

    Leave an answer

    You must login to add an answer.

    Need An Account,

    1 Answer

    1. Editorial Team

      If you’re using Roles you can add this to your web.config:

      <location path="~/elmah.axd">
    <system.web>
        <authorization>
            <allow roles="Admin" />
            <deny users="*" />
        </authorization>
    </system.web>
</location>

      If you’re not using roles you will have to specify each user you want to give access to:

      <location path="~/elmah.axd">
    <system.web>
        <authorization>
            <allow users="user1, user2, user3" />
            <deny users="*" />
        </authorization>
    </system.web>
</location>

      Update:

      As you aren’t using any of the built in authentication/authorisation and you don’t have control of the elmah page you’re going to have to handle the BeginRequest() event:

      protected void Application_BeginRequest()
{
    if(Request.Url.AbsolutePath.ToLowerInvariant().Contains("elmah.axd"))
    {
        // Check if user can see elmah and handle unauthorised users (return 401/redirect to login page/etc...)
    }
}
      • 0