How do I lock authorization settings?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


Server administrators can lock authorization settings by placing the <authorization> element in the machine-level Web.config file inside a <location> element with the allowOverride attribute set to false. This ensures that an individual application cannot override the machine-level settings. For example:

<location path="" allowOverride="false">
       <deny users="?" />
      <allow users="*" />
Personal tools