Re: Locking down a directory

From: John Timney \(ASP.NET MVP\) (
Date: 01/03/05

Date: Mon, 3 Jan 2005 22:35:24 -0000

The location tag in web.config is normally ideal for this type of thing if
your using the right approach to authentication, for something more custom
you could easily set an authentication flag in session and create an
ihttpmodule to deny or allow access at the request level based on the value
being set or not. That would save you all the code you suggest you would be

John Timney
Microsoft Regional Director
"Matt" <> wrote in message
> I'm currently using my own login/session style access restriction system
> my application.  What I'd like to do is restrict access for a certain
> directory to registered users only.  Is there is a quick-and-easy way to
> lock this directory down without having to go to each page in the
> and put:
> if session("userloggedin") <> "" then
>         'do something
> else
>         response.redirect("/login.aspx")
>         response.end()
> end if
> I've looked into Forms Authentication, but I'm not sure how to mesh it
> my current access restriction system.
> Thanks.
> Matt

Relevant Pages

  • Re: Exchange 2003 OWA Hyperlinks
    ... Make sure you enable anonymous access, ... > authentication, and Basic authentication. ... >> Matt McNeil ...
  • Re: Strong vs. Weak Authentication
    ... Matt C wrote: ... > What is the difference between Strong and Weak Authentication? ... If I use the same approach but send the data over SSL ...
  • Re: Get UPN in ASP
    ... > We are using the Windows authentication in the config file. ... > authenticated to IIS and the File System? ... >>> Matt ...
  • Re: HTTP Get with Proxy authentication
    ... There's no real point in my posting anything, as the documentation does a ... take a look at the section on proxies and authentication. ... Matt ...