Can't deny access to role in web.config authorization element

215 views Asked by At

I would like to know if it is possible to deny a specific role in web.config authorization section for WebAPI?

I've got following configuration, but it's not working (however I'm getting a HTTP 200 instead of Unauthorized) :-(

<authorization>
  <deny roles="Locked" />
</authorization>
0

There are 0 answers