Name
<deny>
Synopsis
Specifies users, roles, and/or HTTP verbs to be denied authorization for the application.
Scope
Any
Attributes
-
users
A comma-delimited list of authorized usernames.
-
roles
A comma-delimited list of authorized roles (NT groups).
-
verbs
A comma-delimited list of authorized HTTP verbs (GET, HEAD, POST, or DEBUG).
Child Elements
None
Example
See the example for the <authorization>
element.
Notes
The same wildcards used by the <allow>
element also apply to the deny element. To deny access to anonymous
(non-authenticated) users, set the value of the
users
attribute of the
<deny>
element to ?
.
Get ASP.NET in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.