Configuration Error
-
I configured my website in IIS to use Windows Authentication, and it works when I don't try to add Authorization Rules. However, I added an Allow rule to allow only users in the Administrators group, and it gives the below error when attempting to load the page: HTTP Error 500.19 - Internal Server Error
Quote:
Cannot add duplicate collection entry of type 'add' with combined key attributes 'users, roles, verbs' respectively set to ', Administrators, '
This is what my web config looks like: <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="" roles="Administrators" /> </authorization> </security> Can anyone see what I'm doing wrong?
The difficult we do right away... ...the impossible takes slightly longer.
-
I configured my website in IIS to use Windows Authentication, and it works when I don't try to add Authorization Rules. However, I added an Allow rule to allow only users in the Administrators group, and it gives the below error when attempting to load the page: HTTP Error 500.19 - Internal Server Error
Quote:
Cannot add duplicate collection entry of type 'add' with combined key attributes 'users, roles, verbs' respectively set to ', Administrators, '
This is what my web config looks like: <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="" roles="Administrators" /> </authorization> </security> Can anyone see what I'm doing wrong?
The difficult we do right away... ...the impossible takes slightly longer.
That matches the configuration sample in the documentation: Security Authorization <authorization> | Microsoft Learn[^] Based on the error, it sounds like you have authorization rules configured further up the hierarchy - either a parent folder, a parent application, or machine-wide. You could try using IIS Manager to look at the configured rules, using the "Authorization Rules" option in the IIS group rather than the ".NET Authorization Rules" in the ASP.NET group. As a brute-force approach, you could clear the rules first:
<security>
<authorization>
<clear />
<add accessType="Allow" users="" roles="Administrators" />
</authorization>
</security>
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
That matches the configuration sample in the documentation: Security Authorization <authorization> | Microsoft Learn[^] Based on the error, it sounds like you have authorization rules configured further up the hierarchy - either a parent folder, a parent application, or machine-wide. You could try using IIS Manager to look at the configured rules, using the "Authorization Rules" option in the IIS group rather than the ".NET Authorization Rules" in the ASP.NET group. As a brute-force approach, you could clear the rules first:
<security>
<authorization>
<clear />
<add accessType="Allow" users="" roles="Administrators" />
</authorization>
</security>
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
Thanks, Richard. I didn't realize the multilayered nature of the settings. I made sure that the settings on the server, website and application were all the same, and now it works. :)
The difficult we do right away... ...the impossible takes slightly longer.
