13

I have been attempting to follow this blog to get Areas working:

http://mstechkb.blogspot.com/2010/10/areas-in-aspnet-mvc-20.html

In the blog post, it identifies the ability to have authentication set per Area, e.g.:

<location path="Area1">
  <system.web>
  <authentication mode="Windows" />
  <authorization> 
    <allow roles="role1,role2"/>
    <deny users="*"/> 
  </authorization> 
</system.web>
</location>

However, when I try to create this in a new project in Visual Studio 2010 I get the following error when I run:

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

From what I can see this is because you cannot specify an authentication element unless it is in the top level web.config.

So it is possible to do what the blog post says? Can you have Areas with Authentication elements inside Location elements in the web.config?

Improve this question
2
  • Hi, did you find a way to get it working? Would you please post the answer here? Thanks Commented Nov 15, 2013 at 2:12
  • I didn't get it going like the blog suggested. My temporary solution was to break the web application into two projects, one per authentication type. Not ideal as that ended up with some duplicated code and configuration, although I moved as much as I could into common projects. The project was abandoned for other reasons soon after, so I never revisited the issue. Commented Nov 18, 2013 at 1:26

1 Answer 1

Reset to default
-2

What I have learnt about ASP.NET MVC, it's always better to set the authorization rules with [Authorization] attribute applied to individual controllers, because it is safer and more adequate considering the way routing system works.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This doesn't change the authentication mechanism, just authorization - i.e. this action/controller requires authenticated access for these roles/users

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.