A.15. Chapter 15

A.15.1.

A.15.1.1.
A.15.1.1.1. Exercise 1 solution

Authentication is all about proving your identity to a system like a web site. After you have been authenticated, your authorizations determine what you can and cannot do in the system.

A.15.1.1.2. Exercise 2 solution

To expand the access to the Management folder for John and all users in the Editors role, you need to expand the current roles attribute to include Editors, and add an additional allow element with its users attribute set to John:

<system.web>
  <authorization>
    <allow roles="Managers, Editors"/>
    <allow users="John"/>
    <deny users="*"/>
  </authorization>
</system.web>

The roles attribute allows you to specify multiple roles separated by commas. To grant the John account access, you need to add an additional allow element and then fill in John's name in the users attribute.

From a maintainability perspective, it would be a lot better to add John to the Managers or Editors role if possible. However, you may end up giving John more rights than you want (he could then access anything that a Manager or an Editor could access). Generally, it's best to manage users through roles as much as possible, but it's good to know that you can grant individual accounts the necessary rights as well (or explicitly take those rights away using a deny element).
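
ASP.NET evaluates the authorization rules from top to bottom and the first rule that matches the request decides the outcome, which is why the deny element for * comes last in the solution. The following Python model of that evaluation is an added example, not code from the book; the helper names, the accounts other than John, and the fall-through to an allowing parent configuration are assumptions, and verbs and configuration inheritance are not modelled.

```python
import xml.etree.ElementTree as ET

# The exercise's configuration, embedded so the example runs offline.
WEB_CONFIG = """
<system.web>
  <authorization>
    <allow roles="Managers, Editors"/>
    <allow users="John"/>
    <deny users="*"/>
  </authorization>
</system.web>
"""

def _split(value):
    """Split a comma-separated attribute into trimmed, lower-cased names."""
    return {v.strip().lower() for v in (value or "").split(",") if v.strip()}

def load_rules(config_xml):
    """Return the allow/deny rules as (action, users, roles) in document order."""
    auth = ET.fromstring(config_xml).find("authorization")
    return [(r.tag, _split(r.get("users")), _split(r.get("roles"))) for r in auth]

def is_allowed(rules, user, roles=()):
    """Top-down, first match wins. user=None models an anonymous request."""
    held = {r.lower() for r in roles}
    for action, users, rule_roles in rules:
        matches = (
            "*" in users                                   # everyone
            or (user is None and "?" in users)             # anonymous only
            or (user is not None and user.lower() in users)
            or bool(held & rule_roles)                     # any shared role
        )
        if matches:
            return action == "allow"
    return True  # assumption: nothing matched, the parent configuration allows

def swap_deny_first(rules):
    """Constructed misordering: move the deny rules above the allow rules."""
    return sorted(rules, key=lambda r: r[0] != "deny")
```

With the deny rule moved to the top, the same rule set locks out John, the Managers and the Editors, because the * rule matches every request before any allow rule is reached.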

A.15.1.1.3. Exercise 3 solution

If you want to redirect all users to the same page, all you need to set is the DestinationPageUrl:

<asp:Login ...
