Restrict access to WebModel directly on web server
Applies to: viflow WebModels on IIS | Article: 1751388 | Updated on 27.01.2023
In viflow, you have the option of assigning authorizations and thus restricting access to the WebModel, among other things.
If you want to exclude access to the WebModel for a certain group of people, you can also do this directly on the web server (IIS) – without having to set permissions in viflow.
These and many other settings that can be made on the web server (IIS – Internet Information Services) can be found on the Microsoft website under ››› Microsoft Learn.
Follow these steps:
Enable and apply authorization on IIS
- Open Server Manager – IIS.
- Click Manage – Add Roles and Features {{1}}.
- Click Server Roles and enable URL Authorization {{2}} option under Web Server (IIS) – Web Server – Security.
- Close the dialog with Next and finally with Install.
- Open the IIS Manager and click on the application (here: viflow) {{3}}.
- Click the Authorization Rules icon (new after installation).
- Highlight the rule and click Edit {{5}}.
- Instead of All users, activate the option Specific roles or user groups: and enter the name of the group {{6}} that should have access to the WebModel.
- Confirm with OK.
Calling up the WebModel is now only permitted for users of the corresponding group(s).
Unauthorized users get a login window or the following message when the page is reloaded:
Manage Authorization Rules
In this guide, the existing rule has been modified.
Of course, you can also create new rules. To do this, use the Add permission rule … or Add rejection rule … {{5}} buttons.