Ask a Question related to ASP.NET General, Design and Development.
-
Marina #1
Re: Difference between * and ? in web.config
I believe ? means all unauthenticated users, and * means all users.
"Chris" <chris@uglyfish.com> wrote in message
news:038401c33c1a$2cce9c20$a301280a@phx.gbl...> I guess I have two questions. First what is the
> difference between ? and * when you have your:
> <deny users="?">
> or
> <deny users="*">
>
> Also, when using * instead of ? the redirectfromloginpage
> method does not redirect to the URL in the ReturnUrl
> querystring.
Marina Guest
-
Error loading XML file c:\windows\microsoft.net\framework\v1.0.3705\Config\machine.config
I had many ASP.NET web applications that I created before I had to rebuild my machine. After a fresh install of XP Pro, VS.NET 2003, etc, I now... -
Web References how to config to read URL from config?
It's great that VS.NET makes it so effortless to add a web reference to a web service. The problem is, I haven't figured out a way to configure the... -
web.config vs machine.config ?
1. I got this following error: ******************** Configuration Error Description: An error occurred during the processing of a... -
config file: a) what Module ? b) conditionals in config (for multiple hosts)
Hi, a) I am looking for a module to handle config files. There are a number of these modules, like AppCconig. Any consensus about The Right... -
[RCR] Include CONFIG::Config['rubydocdir'] in rbconfig.rb
Hi folks, I apologise if people have read this RCR and are not interested, but this is what I consider to be an important RCR, not a merely... -
Al Manint #2 Re: Difference between * and ? in web.config
Did you even TRY to search in MSDN?
[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfauthorizationsection.asp[/url]
(watch for wrap)
I mean 1 search was all it took (asp.net authorization).
--Al
"Chris" <chris@uglyfish.com> wrote in message
news:038401c33c1a$2cce9c20$a301280a@phx.gbl...> I guess I have two questions. First what is the
> difference between ? and * when you have your:
> <deny users="?">
> or
> <deny users="*">
>
> Also, when using * instead of ? the redirectfromloginpage
> method does not redirect to the URL in the ReturnUrl
> querystring.
Al Manint Guest
-
Chris #3 Re: Difference between * and ? in web.config
No, actually I didn't. I spent a lot of time looking
through the documentation in msdn's library, and actually
found that exact page that you referenced.
However, I guess I just didn't word my question correctly,
as I was looking for a reason why the redirectfromlogin
method behaved differently depending on weather you used *
or ?
url=/library/en->-----Original Message-----
>Did you even TRY to search in MSDN?
>
>[url]http://msdn.microsoft.com/library/default.asp?[/url]
us/cpgenref/html/gngrfauthorizationsection.aspredirectfromloginpage>
>(watch for wrap)
>
>I mean 1 search was all it took (asp.net authorization).
>
>--Al
>
>"Chris" <chris@uglyfish.com> wrote in message
>news:038401c33c1a$2cce9c20$a301280a@phx.gbl...>> I guess I have two questions. First what is the
>> difference between ? and * when you have your:
>> <deny users="?">
>> or
>> <deny users="*">
>>
>> Also, when using * instead of ? the>>> method does not redirect to the URL in the ReturnUrl
>> querystring.
>
>.
>Chris Guest
-
Chris #4 RE: Difference between * and ? in web.config
The redirectfromlogin method does get hit, and I've
checked the value of Request["RedirectUrl"] and it's value
is the correct path.
However, when I use deny users="*" instead of ? I get
redirected to Default.aspx in the application root instead
of the path in Request["RedirectUrl"].
Using ? does redirect to the path contained in Request
["RedirectUrl"].
Seems to be very strange behaivor to me.
Then, there>-----Original Message-----
>Hi Chris,
>
>Deny user="*" indicates that all users are denied access.situation,>should be no user could access this page. Under thiscould prove it by>redirectfromloginpage won't be executed, I think. Youconfers no rights.>debugging your web application and add a breakpoint at
>redirectfromloginpage method to see if it is hit.
>
>If there is any unclear, please feel free to let me know.
>
>Have a nice day!
>
>Regards,
>HuangTM
>This posting is provided "AS IS" with no warranties, and>
>.
>Chris Guest
-
Tian Min Huang #5 RE: Difference between * and ? in web.config
Hi Chris,
I set up an environment and tried to repro the problem that you met.
However, I am not able to reproduce what you met.
Here are my testing steps:
1) Create a web project based on Framework SDK sample:
\Microsoft Visual Studio
.NET\FrameworkSDK\Samples\QuickStart\aspplus\sampl es\security\cookieauth
2) Test the page, now all works fine.
3) Change web.config from
<authorization>
<deny users="?" />
</authorization>
to <authorization>
<deny users="*" />
</authorization>
4) Now when I browse default.aspx, it will redirect to login.aspx first,
which is correct. However, after I fill in the right credential, it wonĄŻt
enter the web site. Instead, it stays in login.aspx forever.
I feel this behavior is normal since we deny all users' access in
web.config. Could you please let us know how you construct the web
application and web.config file to reproduce the problem?
Thanks very much.
Regards,
HuangTM
This posting is provided "AS IS" with no warranties, and confers no rights.
Tian Min Huang Guest
-
Brian Bischof #6 Re: Difference between * and ? in web.config
To get beyond the login page, you have to call the RedirectFromLoginPage()
method. Behind the scenes, ASP.NET drops a cookie on their box saying that
they have been authenticated and automatically goes back to the original
page that they were attempting to access. This method tells ASP.NET that
they have been authenticated. Of course, don't call this method until you
checked that their credentials are valid. Look in help for plenty of sample
code.
FormsAuthentication.RedirectFromLoginPage(UserName , False)
HTH,
Brian Bischof
A Crystal Reports.NET book for programmers? Its free!
* Covers ASP.NET and Windows Forms
* Teaches all phases of report development
* Alerts you to the bugs and how to get around them
* Maps out the complex ReportDocument object model
* Shows how to perform runtime customization
* Demonstrates all options of connecting with ADO.NET
* Gives complete code listings for every concept presented
[url]www.CrystalReportsBook.com?cpgn=ngcr_070303[/url]
"Tian Min Huang" <timhuang@online.microsoft.com> wrote in message
news:ciuLSqcQDHA.1724@cpmsftngxa09.phx.gbl...rights.> Hi Chris,
>
> I set up an environment and tried to repro the problem that you met.
> However, I am not able to reproduce what you met.
>
> Here are my testing steps:
>
> 1) Create a web project based on Framework SDK sample:
> \Microsoft Visual Studio
> NET\FrameworkSDK\Samples\QuickStart\aspplus\sample s\security\cookieauth
>
> 2) Test the page, now all works fine.
>
> 3) Change web.config from
> <authorization>
> <deny users="?" />
> </authorization>
> to <authorization>
> <deny users="*" />
> </authorization>
>
> 4) Now when I browse default.aspx, it will redirect to login.aspx first,
> which is correct. However, after I fill in the right credential, it wonĄŻt
> enter the web site. Instead, it stays in login.aspx forever.
>
> I feel this behavior is normal since we deny all users' access in
> web.config. Could you please let us know how you construct the web
> application and web.config file to reproduce the problem?
>
> Thanks very much.
>
> Regards,
> HuangTM
> This posting is provided "AS IS" with no warranties, and confers no>
Brian Bischof Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
