问题
If I have a sub folder in my website called Admin and this folder has more sub folders. How can I configure a web.config file, that sits in Admin folder, to effect all the subfolders in it recursively?
Currently i have this, but it only caters for the admin folder, and doesn't effect the sub folders
<location path="Admin">
<system.web>
<authorization >
<deny users="?"/>
<allow roles="Admins"/>
</authorization>
</system.web>
Thanks.
回答1:
You need to deny all other users. By default, all users (including guests) are permitted to access all folders. If you want to deny access to anyone except certain users or roles, you need to deny this access after all rules. This implies to guests also.
<system.web>
<authorization >
<allow roles="Admins"/>
<deny users="*"/>
</authorization>
</system.web>
The rules are being checked one by one, so an admin fits to the first rule and getting access. All other users and guests will fall to the second rule and won't get access.
回答2:
You can define allowOverride property to true
<location path="path" allowOverride="true"/>
Link : http://msdn.microsoft.com/en-us/library/b6x6shw7(v=vs.71).aspx
来源:https://stackoverflow.com/questions/13027024/web-config-deny-access-to-subfolder-recursively