Ask a Question related to ASP.NET Security, Design and Development.
-
Gaurav #1
Restrict access to resources like .doc, .ppt etc in .net forms authentication application
Hi,
We are developing a .NET app which has forms authentication. When the
user types in the direct URL which is an aspx page, he will be thrown
to the login page. But if the URL points to a .txt or .doc file, the
document is displayed even though the user is not authenticated.
How do we stop this such that only the users authenticate themselves
before getting access to the resource.
Thanks and Regards,
Gaurav
Gaurav Guest
-
Restrict access by ip
I have an ASP page that I want to allow access from only from a certain block of address, can someone get me started? -
Sharing Forms Authentication between application and sub-application
Hi, I'm succesfully using Forms Authentication on a site I'm working on (MyMainApp). In a subfolder of this site, I have a seperate ASP.NET... -
Forms Authentication to protect a cgi application
I have enabled forms authentication on an IIS 6 W2k3 server to protect access to the application files until authenticated. The actual... -
Forms Authentication to protect .cgi application problem
I have enabled forms authentication on an IIS 6 W2k3 server to protect access to the application files until authenticated. The actual... -
authentication and session issues with resources
Hi, I have a webforms application which uses Forms Authentication. There are two webforms, mainform.aspx which retrieves data from a data.aspx... -
Rasmus Foged #2 Restrict access to resources like .doc, .ppt etc in .net forms authentication application
Hi.
you probably should look at (several) the samples which
mixes forms- and windows-authentication and then turn on
windows authentication to set security (ACE/ACL) on the
file-ressurces.
Best regards
Rasmus Foged
authentication. When the>-----Original Message-----
>Hi,
>
>We are developing a .NET app which has formswill be thrown>user types in the direct URL which is an aspx page, heor .doc file, the>to the login page. But if the URL points to a .txtauthenticated.>document is displayed even though the user is notauthenticate themselves>
>How do we stop this such that only the users>before getting access to the resource.
>
>Thanks and Regards,
>
>Gaurav
>.
>Rasmus Foged Guest
-
Javier Miranda #3 RE: Restrict access to resources like .doc, .ppt etc in .net forms authentication application
Hi
You could use Windows Authentication to authorize using ACL. But if you want to use Forms Authentication and Role Based Authoization, then you must edit your ISAPI server extension so ASP.NET can process those files and apply the Role Based Authoization. Keep in mind that this could introduce a performance penalty
Hope it helps
- Javier M.
Javier Miranda Guest
-
GK #4 Re: Restrict access to resources like .doc, .ppt etc in .net forms authentication application
Dear All,
Thanks for the reply.
We had tried this but were facing the issues. Let me explain what we
did.
We created a folder within the application as DOCS and allowed one NT
user [say PortalUser] to have access on this folder. Now, when a user
gives the direct URL without authenticating, the windows pop up is shown
and he does not get access to the documents.
The problem is that when the valid user who has been authenticated tries
to view the doc in the folder, he also is getting that pop-up.
We are not able to show the documents to the valid user without giving
the pop-up. We tried impersonation by adding the folowing in the
web.config file: -
<identity impersonate="true" username="PortalUser" password = "">
</identity>
but that also is not working.
regards,
Gaurav
*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!
GK Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
