Common mistake in ASP.NET Forms Authentication

We are all used to this now…


    

    

    

    

In ASP.NET Forms authentication, you can allow access to particular users or deny them using the allow and deny tags. Likewise, you can allow or deny access to particular roles.
E.g. to allow access to a page, say Customer, you will do


  

        

             //Allow users in Customers role

         // Deny rest of all users

    

   

Common Mistake is to place 

 before 



This web config below will not allow users even if they are in Customers role


  

        

             // Deny rest of all users

             //Allow users in Customers role       

    

   

2 thoughts on “Common mistake in ASP.NET Forms Authentication

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.