Ask a Question related to ASP.NET Security, Design and Development.
-
Shailesh #1
web.config and authentication problem.
Hello there!
I have developed a .net web application. In which I am having some .aspx files and a web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
<authentication mode="Forms">
<forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="user1" password="pwd1" />
<user name="user2" password="pwd2" />
<user name="user3" password="pwd3 />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="user1,user2" />
<deny users="user2" />
</authorization>
Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
Thanking you.
Shail
Shailesh Guest
-
WEB CONFIG PROBLEM
I created i simple web service.. It runs well in my local Pc.. But when i copied it into my server it fails... it is about web config custom... -
WSE web.config problem
Hi all, I have installed WSE 1.0 and have altered my project's web.config file to add: <webServices> <soapExtensionTypes> <add type=... -
Authorization, Authentication in Web.config
Hi I am trying to ensure that users can only enter my Web service on a specific Login web page. I've amended Web.config so that authorization... -
Forms Authentication - GenericPrincipal- How to use web.config configuration
MSDN has good articles that explains how to use GenericPrincipal objects with forms authentication. For instance,... -
Problem with Apache Web Server config file and PHP (please give advice on what problem may be me)
HI: Can anyone refer me to someone that can help with the problem below. I installed Apache Web Server on my laptop which has Windows XP. I... -
Shailesh #2 web.config and authentication problem.
Hello there!
I have developed a .net web application. In which I am having some .aspx files and a web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
<authentication mode="Forms">
<forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="user1" password="pwd1" />
<user name="user2" password="pwd2" />
<user name="user3" password="pwd3 />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="user1,user2" />
<deny users="user2" />
</authorization>
Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
Thanking you.
Shail
Shailesh Guest
-
Shailesh #3 web.config and authentication problem.
Hello there!
I have developed a .net web application. In which I am having some .aspx files and a web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
<authentication mode="Forms">
<forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="user1" password="pwd1" />
<user name="user2" password="pwd2" />
<user name="user3" password="pwd3 />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="user1,user2" />
<deny users="user2" />
</authorization>
Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
Thanking you.
Shail
Shailesh Guest
-
Shailesh #4 web.config and authentication problem.
Hello there!
I have developed a .net web application. In which I am having some .aspx files and a web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
<authentication mode="Forms">
<forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="user1" password="pwd1" />
<user name="user2" password="pwd2" />
<user name="user3" password="pwd3 />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="user1,user2" />
<deny users="user2" />
</authorization>
Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
Thanking you.
Shail
Shailesh Guest
-
Shailesh #5 web.config and authentication problem.
Hello there!
I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
<authentication mode="Forms">
<forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="user1" password="pwd1" />
<user name="user2" password="pwd2" />
<user name="user3" password="pwd3 />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="user1,user2" />
<deny users="user2" />
</authorization>
Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
Thanking you.
Shail
Shailesh Guest
-
ranganh #6 RE: web.config and authentication problem.
Dear Shailesh,
you have to give the attribute
<deny users="?" />
currently you have denied only user2. that means, you are denying only him.
deny users="?" will deny all unauthenticated users.
hope it helps.
"Shailesh" wrote:
> Hello there!
>
> I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
>
> <authentication mode="Forms">
> <forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
> <credentials passwordFormat="Clear">
> <user name="user1" password="pwd1" />
> <user name="user2" password="pwd2" />
> <user name="user3" password="pwd3 />
> </credentials>
> </forms>
> </authentication>
>
> <authorization>
> <allow users="user1,user2" />
> <deny users="user2" />
> </authorization>
>
> Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
>
> Thanking you.
> Shailranganh Guest
-
Shailesh #7 RE: web.config and authentication problem.
Hi, Ranganh,
Its works absolutely fine now.
Thanx for your reply.
Shail.
"ranganh" wrote:
> Dear Shailesh,
>
> you have to give the attribute
>
> <deny users="?" />
>
> currently you have denied only user2. that means, you are denying only him.
>
> deny users="?" will deny all unauthenticated users.
>
> hope it helps.
>
>
>
>
> "Shailesh" wrote:
>> > Hello there!
> >
> > I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code
> >
> > <authentication mode="Forms">
> > <forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
> > <credentials passwordFormat="Clear">
> > <user name="user1" password="pwd1" />
> > <user name="user2" password="pwd2" />
> > <user name="user3" password="pwd3 />
> > </credentials>
> > </forms>
> > </authentication>
> >
> > <authorization>
> > <allow users="user1,user2" />
> > <deny users="user2" />
> > </authorization>
> >
> > Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me.
> >
> > Thanking you.
> > ShailShailesh Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
