I am curious whether the order in which you supply the <allow> and <deny> elements in the element does matter?
Asked
Active
Viewed 2,806 times
7
BenMorel
- 34,448
- 50
- 182
- 322
HerbalMart
- 1,669
- 3
- 27
- 50
1 Answers
8
Yes, the order matters. This page describes the basic principles: http://msdn.microsoft.com/en-us/library/wce3kxhd.aspx. As per the page, a list of authorization rules is built up from the hierarchy of config files and then the first match wins.
This SO question has a nice example: ASP.NET Forms Auth Allowing access to specific file in subdirectory when all others should be denied
Community
- 1
- 1
Ian Gilroy
- 2,031
- 16
- 14