0

Im trying to limit user access in my Asp.net 5 Vnext solution.

in class way i used this line in root web.config :

<system.web>
<authentication mode="Windows" />
<authorization>
  <allow users="domain\user" />
  <deny users="*" />
</authorization>

but thats not working in new MVC 6 project. modified wwwroot\web.config :

<configuration>
  <system.webServer>
    <handlers>
      <add name="httpplatformhandler" path="*" verb="*" modules="httpPlatformHandler" resourceType="Unspecified" />
    </handlers>
    <httpPlatform processPath="..\approot\web.cmd" arguments="" stdoutLogEnabled="false" stdoutLogFile="..\logs\stdout.log" startupTimeLimit="3600"></httpPlatform>

  </system.webServer>
    <system.web>
    <authentication mode="Windows" />
    <authorization>
      <allow users="domain\user" />
      <deny users="*" />
    </authorization>
  </system.web>

I even tried this and still all windows user can access it :

<configuration>
  <system.webServer>
    <security>
      <authorization>
        <remove users="*" roles="" verbs="" />
        <add accessType="Deny" users="unknownname" />
        <add accessType="Allow" users="knownname" />
      </authorization>
    </security>
  </system.webServer>
</configuration>

cant find right approach for user limitation in asp.net vnext.

Update: new error appears after following link suggestion :

enter image description here

Ahad Porkar
  • 1,666
  • 2
  • 33
  • 68
  • Have you tried the last option with authentication instead of authorization? so: xxx – janpieter_z Dec 20 '15 at 08:45
  • @janpieter_z thanks for respond but it gave me 500 server error if i replace those. – Ahad Porkar Dec 20 '15 at 09:32
  • Possible duplicate of [Windows authentication in asp.net 5](http://stackoverflow.com/questions/28542141/windows-authentication-in-asp-net-5). Note that the `system.webServer` section only applies to IIS/IIS Express, so if you are hosting the app another way these settings won't work. – NightOwl888 Dec 20 '15 at 13:54

0 Answers0