I am struggling with an issue with elmah.mvc when it comes to securing the /elmah page on Azure. I can certainly make it secure but that is not what I want. I only want certain users to be able to access it.
I can allow access to the page for all users by setting requiresAuthentication to false but as soon as I set it to true and setting a user in elmah.mvc.allowedUsers does not work and I have no access at all.
Here is my web.config that works (apart from being insecure):
<add key="elmah.mvc.disableHandler" value="false" />
<add key="elmah.mvc.disableHandleErrorFilter" value="true" />
<add key="elmah.mvc.IgnoreDefaultRoute" value="false" />
<add key="elmah.mvc.requiresAuthentication" value="false" />
<add key="elmah.mvc.allowedRoles" value="*" />
<add key="elmah.mvc.allowedUsers" value="*" />
<add key="elmah.mvc.route" value="elmah" />
<add key="elmah.mvc.UserAuthCaseSensitive" value="true" />
I also have
<errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="ErrorLog" />
<security allowRemoteAccess="true" />
To be clear, I wish for only named users to have access but find that setting requiresAuthentication to true and setting a user name in allowedUsers cuts off all access for any user.
Any ideas most welcome. Very happy with elmah - great tool.