Ask a Question related to ASP.NET Security, Design and Development.
-
Harley #1
Protected folder with forms authentication
i have a VB.NET ASP.NET application. the front end is working fine, and know
im developing the manager options. this options have to be in a subfolder
server.com/manager.
how do i protect only that subfolder and its sub-sub-folders?
i thought setting the path param in the authentication - forms section of
web.config to path="/manager" will work.... but its not working.
everything works ok when i set the path to "/", so there is no problem with
the code... but i protect the whole site...
any help?
Harley Guest
-
Applying security at folder level using forms authentication
Hi I have two folders in the .net application,one can be accessed by everyone adn the other needs to be accessed only through submitting login and... -
Forms Authentication for particular folder
Hi, I'm working on a webapplication, most part is for anonymous access, but for one part login is needed. All the files after login are in one... -
PDF search within a password protected folder
Hello: Do you know of any search engines that can search for text in PDF documents when the PDFs are located in a password-protected folder... -
Protected folder login details
Hi, I have a folder that is protected, the users login with their unique username and password, these are held in a text file. Is this... -
Password Protected Forms
Hi, Well if you want something simple you could just follow this method in the KB article: http://support.microsoft.com/?id=209871 Not... -
Teemu Keiski #2 Re: Protected folder with forms authentication
First,In the <system.web> section of the main application folder's
web.config file specify authorization to allow access to the main folder.
<authorization>
<allow users="*" />
</authorization>
Now all users, despite are they authenticated or not, can access the main
folder(could be <allow users="?" /> as well)
Second: Outside the web.config file's <system.web> element but inside
<configuration> element, create a <location> tag that matches the subfolder.
i.e this can be set in the main web.config file.
<location path="manager">
<system.web>
<authorization>
<deny users="?" />
</athorization>
</system.web>
</location>
This should prevent unauthenticated users from accessing the subfolder. You
can again refine this for pages in the subfolder, if such is needed, with
the relevant syntax for the path attribute say:
path="manager/specificpage.aspx" and so on.
Hope this helps.
--
Teemu Keiski
MCP, Designer/Developer
Mansoft tietotekniikka Oy
[url]http://www.mansoft.fi[/url]
AspInsiders Member, [url]www.aspinsiders.com[/url]
ASP.NET Forums Moderator, [url]www.asp.net[/url]
AspAlliance Columnist, [url]www.aspalliance.com[/url]
"Harley" <harleyobrien%40hotmail.com> wrote in message
news:e0XSdo9UDHA.656@tk2msftngp13.phx.gbl...know> i have a VB.NET ASP.NET application. the front end is working fine, andwith> im developing the manager options. this options have to be in a subfolder
> server.com/manager.
> how do i protect only that subfolder and its sub-sub-folders?
> i thought setting the path param in the authentication - forms section of
> web.config to path="/manager" will work.... but its not working.
> everything works ok when i set the path to "/", so there is no problem> the code... but i protect the whole site...
> any help?
>
>
Teemu Keiski Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
