This documentation is archived and is not being maintained.

<allow> Element

Allows access to a resource.

<configuration>
   <system.web>
      <authorization>
         <allow>

<allow users="comma-separated list of users"
       roles="comma-separated list of roles"
       verbs="comma-separated list of verbs"/>

Optional Attributes

Attribute Description
users A comma-separated list of users that are granted access to the resource. A question mark (?) allows anonymous users; an asterisk (*) allows all users.
roles A comma-separated list of roles that are granted access to the resource.
verbs A comma-separated list of HTTP transmission methods that are granted access to the resource. Verbs registered to ASP.NET are GET, HEAD, POST, and DEBUG.

Example

The following example denies access to all users and allows access to all members of the Admins role.

<configuration>
   <system.web>
      <authorization>
         <deny users="*"/>
         <allow roles="Admins"/>
      </authorization>
   </system.web>
</configuration>

Requirements

Contained Within: <system.web>

Web Platform: IIS 5.0, IIS 5.1, IIS 6.0

Configuration File: Machine.config, Web.config

Configuration Section Handler: System.Web.Configuration.AuthorizationConfigHandler

See Also

<authorization> Element | ASP.NET Configuration | ASP.NET Settings Schema

Show: