Ask a Question related to ASP.NET Security, Design and Development.
-
Scott Simes #1
Setting up authorization behavior
Hello:
I have what I thought was a simple requirement, but I've not been able to
figure out a solution yet.
I am using Forms authentication. If someone navigates to my web address,
say, [url]www.foo.com[/url] (fictitious), I want them to see an aspx page, such as
index.aspx. The problem is that I have to use this
<authorization>
<deny users="?" />
</authorization>
XML in my web.config file. If I do not, then the redirect feature will not
work. (The redirect feature I'm referring to is the Forms tag's loginUrl
attribute. This URL causes a redirect to automatically occur if a user hits
a page that requires authentication. It is suppsed to also create a
querystring value that holds a reference to the page the user originally
navigated to so that it can return (redirect) to that page after successful
authentication.) If I do not deny users as above then this redirect with
querystring doesn't work. I get redirected to the login page, but no
querystring value appears.
So, this means that all pages in the root require authentication. So I have
created a folder under the root called "noauth" and have placed pages there.
That folder has its own web.config file, and it specifies this:
<authorization>
<allow users="?" />
</authorization>
This works.
However, I have to redirect all users who hit [url]www.foo.com[/url] to a sub-folder,
and this just seems strange.
Is there a way to allow free (no-authorization) access to root pages and
also have the redirect-with-querystring feature work?
Thank you for any help.
Scott Simes Guest
-
Strange behavior when setting gridview selected index
Hello there, I have an asp.net 2.0 web app that uses gridview and formview. When a user selects an item in the gridview the formview appears to... -
URL Authorization
Hi All, I am trying to write several applications, for external users. They will use forms authentication to login. My question concerns url... -
Setting up a FP shooter type camera behavior
ive looked at a couple of models like the macromedia maze magic example, and some others involving mouse input for camera rotation, and key input... -
ASP.NET Authorization
I'd like to use role in Forms authentication and I found the following words from .net SDK about ASP.NET Authorization. " Identifies a targeted... -
Setting and locking behavior properties via score generation session
Dear potential savior, Is there a way to set and lock(so that newly set variables stay) the properties of behaviors that are usually defined by... -
David Coe #2 RE: Setting up authorization behavior
Scott
Yes, there is a way to allow all users free access to some items, and authorized access to other items. In your web.config file, just above or below the <system.web> element, you will input the following
<location path="mypage.aspx"><system.web><authorization><all ow users="?" /></authorization></system.web></location
You can set that configuration for each of the items that you want to allow all unknown/unauthenticated users to be able to see.
David Coe Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
