Is it possible to have location authorization nodes in a web.config be external?

Question

Is it possible to have location authorization nodes in a web.config be external?

Such that I could take all of the nodes simlar to

  <location path="elmah.axd">
    <system.web>
      <authorization>
        <allow roles="Administrator" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>      
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Administrator, Representative" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

And move them outside of the web.config or something simlar? I find these nodes at an extreme amount of noise to a web.config when they're relatively static. Normally my approach would be to config source something like this but since it falls under the root node I'm not sure of it's possible with these nodes.

Answer 1

you can create a web.config inside each folder with appropriate security settings, all named web config.

• ~/members/web.config
• ~/members/vip/web.config

like:

<?xml version="1.0" encoding="utf-8"?>
  <configuration>
    <system.web>
    <authorization>
        <allow roles="developers" />
        <allow roles="testers" />
        <deny users="*" />
    </authorization>
   </system.web>
</configuration>

Per folder you can have one original web.config, so it would be a good approach to move resources (handlers, pages, controls) "per-authorazition" to that according folder.