Urlauthorizationmodule unauthorized biography

by Saad Ladki

Introduction

Authorization was difficult in previous versions of IIS. Because IIS only worked with Windows identities, you had to go to the file system and set Access Control Lists on files and directories.

This was tedious because the ACL UI is complex and authorization rules do not copy very well from machine to machine.

IIS 7.0 and above uses URL Authorization.

Urlauthorizationmodule unauthorized biography

It allows you to put authorization rules on the actual URL instead of the underlying file system resource. Additionally, the IIS URL Authorization configuration is stored in web.config files-- you can distribute authorization rules with the application content.

The following walkthrough introduces you to the IIS URL Authorization feature in Windows Server® 2008 Beta 3 and Windows Vista Service Pack 1.

Prerequisites

This walkthrough requires installing the following IIS above features on top of the default install:

• "ASP.NET" under "Internet Information Services"