I managed to secure a folder structure with URL authorization in IIS7 with the

Question

0

Asked: May 26, 20262026-05-26T06:49:57+00:00 2026-05-26T06:49:57+00:00

I managed to secure a folder structure with URL authorization in IIS7 with the

0

I managed to secure a folder structure with URL authorization in IIS7 with the following :

<location path="Reports"> 
  <system.webServer> 
    <security> 
      <authorization> 
        <remove users="*" roles="" verbs="" /> 
      </authorization> 
    </security> 
  </system.webServer> 
</location> 

<location path="Reports/Company1"> 
  <system.webServer> 
    <security> 
      <authorization> 
        <add accessType="Allow" users="User1"/> 
      </authorization> 
    </security> 
  </system.webServer> 
</location> 

<location path="Reports/Company2"> 
  <system.webServer> 
    <security> 
      <authorization> 
        <add accessType="Allow" users="User2" /> 
      </authorization> 
    </security> 
  </system.webServer> 
</location>

Now my problem is that when User1 from Company1 tries to access a file from the Company2 folder, it gets prompted for credentials. I would like that he receives an “access denied” message. I tried to add a in the second location tag but without success.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T06:49:58+00:00

Editorial Team

2026-05-26T06:49:58+00:00Added an answer on May 26, 2026 at 6:49 am

Not possible as far as I can see. You need to at least attempt to verify the user before you can display the access denied (by means of custom errors perhaps). However, before this verification has started, there is also no way to determine which user it is.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I managed to secure a folder structure with URL authorization in IIS7 with the

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply