Share via


authorization Element

The Commerce Server 2009 Web services provide RefreshCache operations. When Commerce Server requests a RefreshCache operation, Commerce Server sends an HTTP request to each application in your Web farm that accesses the SiteCacheRefresh.axd HTTP handler.

In order to help secure the SiteCacheRefresh.axd handler, the authorization element needs to be in the Web.config file for each site.

allow Element

The allow element enables the specified user or group to perform RefreshCache operations. At least one allow element is required.

The following table lists and describes the attributes of the allow element.

Attribute

Data Type

Description

roles

String

Lets the specified user or group perform RefreshCache operations.

deny Element

The deny element prevents the specified user or group from performing RefreshCache operations. At least one deny element is required. You can use a wildcard for this value.

The following table lists and describes the attributes of the deny element.

Attribute

Data Type

Description

users

String

Prevents the specified user or group from performing RefreshCache operations.

Example

<authorization>
   <allow roles="BUILTIN\Administrators"/>
   <allow roles="VORDEFINIERT\Administratoren"/>
   <allow roles="BUILTIN\Administrateurs"/>
   <deny users="*"/>
   <deny users="?"/>
</authorization>

See Also

Other Resources

Web.Config Configuration Settings