Visual InterDev

Setting Web Application Permissions

See Also

Every Web application on the Web server has permission settings that identify authorized users and specify their privileges. In Microsoft^® Visual InterDev™, you can set the design-time permissions for your Web application. By default, a new Web application inherits the same permissions as the root directory. You can customize these permissions, and then control the permissions for individual users and for groups.

Setting Web application permissions involves the following:

• Customizing Permissions for a Web Application
  
  
• Setting Permissions for Individuals
  
  
• Setting Permissions for Groups
  
  
• Setting Permissions for Computers
  
  
• Simplifying Design-Time Security
  
  
• Revoking Permissions

Customizing Permissions for a Web Application

You can set unique permissions for the Web application of the currently active Web project. Unique permissions must be set for a Web application before you can modify its users and groups.

To set unique permissions for a Web application

1. In the Project Explorer, select the project you want to set permissions for.
   
   
2. From the Projects menu, choose Web Project and then Web Permissions.
   
   
3. On the Settings tab, select Use unique permissions for this Web application. This specifies that the current Web application does not inherit its permissions setting from the root Web application.
   
   
4. Choose Apply.

   Note   You need to apply the change to unique settings in this tab before the other tabs are available for changes.

Setting Permissions for Individuals

After you have set custom permissions for your Web application, you can add individual users and control their permissions.

To add users to a Web application

1. From the Projects menu, choose Web Project and then Web Permissions.
   
   
2. On the Settings tab, select Use unique permissions for this Web application and then Apply.
   
   
3. On the Users tab, choose Add.
   
   
4. In the Add Names box, type the domain and user name for the new user in this format: domain\username.

   –or–

   In the Obtain list from box, select the domain and add users from the Names field.

5. In the New users can box, select the permission level of the new users. Note that the selected permission level applies to all new users in the Add Names field.
   
   
6. Choose Apply.

You can edit the permissions for each user.

To change permissions for a user

1. From the Projects menu, choose Web Project and then Web Permissions.
   
   
2. On the Users tab, select the user to edit and choose Edit.
   
   
3. In the Edit Users box, select the new level of permission for the user.
   
   
4. Choose Apply.

Setting Permissions for Groups

You can control the read and write permissions granted to groups of users.

Note   If your master Web server is on an operating system using the File Allocation Table file system (FAT), such as Windows 95, instead of NT File System (NTFS), you cannot change the permissions for groups.

To add groups of users to a Web application

1. From the Projects menu, choose Web Project and then Web Permissions.
   
   
2. On the Settings tab, select Use unique permissions for this Web application and then Apply.
   
   
3. On the Groups tab, choose Add.
   
   
4. In the Add Names box, type the domain and group name for the new groups in this format: domain\group name.

   –or–

   In the Obtain list from box, select the domain and add groups from the Names field.

5. In the New users can box, select the permission level of the new groups. Note that the selected permission level applies to all new groups in the Add Names field.
   
   
6. Choose Apply.

Once a group has been given permissions, you can change the permissions of the group.

To change permissions for a group

1. From the Projects menu, choose Web Project, and then Web Permissions.
   
   
2. On the Groups tab select the group to edit and choose Edit.
   
   
3. In the Edit Groups dialog box, select the new level of permission for the group.
   
   
4. Choose Apply.

Setting Permissions for a Computer

You can control the read and write permissions granted to computers based on an IP address.

Note   If your master Web server is on an operating system using the File Allocation Table file system (FAT), such as Windows 95, instead of NT File System (NTFS), you cannot change the permissions for computers.

To add a computer to a Web application

1. From the Projects menu, choose Web Project, and then Web Permissions.
   
   
2. On the Settings tab, select Use unique permissions for this Web application and then Apply.
   
   
3. On the Computers tab, choose Add.
   
   
4. In the IP Address boxes, type the address for the computer.

   Note   You can specify a group of computers that have the same initial address by using an asterisk (*).

5. In the Computer permissions box, select the permission level for the computer.
   
   
6. Choose Apply.

Once a computer has been given permissions, you can change the permissions of the computers.

To change permissions for a computer

1. From the Projects menu, choose Web Project, and then Web Permissions.
   
   
2. On the Computers tab select the computer or computer mask to edit and choose Edit.
   
   
3. In the Edit Computer dialog box, select the new level of permission for the group.
   
   
4. Choose Apply.

Simplifying Design-Time Security

You can simplify design-time security easily by modifying Web permissions once and then using the Microsoft^® Windows NT^® User Manager utility for subsequent security changes.

Note   If your master Web server is on an operating system using the File Allocation Table file system (FAT), such as Windows 95, you cannot change the permissions for groups.

To simplify design-time security

1. In the Windows NT User Manager on your Web server, create two new local groups of users.

   For example, you might create one for administrators called Web_Admins and one for developers called Web_Devs.

2. In Visual InterDev, add the new groups to the Web permission.

When you create new Web applications on this server, you can choose to have the new Web application inherit the permissions of the root directory.

You can grant new users administer or author access to the Web applications on this server by simply adding their names to the appropriate group using the Windows NT User Manager, without re-invoking the Web Permissions dialog box.

However, if you want to maintain a single sub-Web application with different permissions than the other applications on the server, you must set it up to have unique permissions and then manage its users and groups separately.

Revoking Permissions

You can revoke the permissions that an individual or group has by deleting them from the user or group lists.

To delete user or group permissions on a Web application

1. From the Projects menu, choose Web Project, and then Web Permissions.
   
   
2. Select the user to remove from the Users tab or the group to remove from the Group tab.

   Note   If your master Web server is on an operating system using the File Allocation Table file system (FAT), such as Windows 95, instead of NT File System (NTFS), you cannot change the permissions for groups.

3. Choose Remove.
   
   
4. Choose Apply.