Re: newbie -- forms authentication

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Dan (dfusi_at_hotmail.com)
Date: 02/17/05 

Date: Thu, 17 Feb 2005 17:00:18 +0100

Thank you all guys, I tried some fixes but it still does not work... The
subdirectory "admin" is just a directory of the unique (root) web
application, but this should not harm as suggested by the article pointed by
Andy. I tried to follow this article by making the following changes:

1) remove the web.config file in admin subdir
2) add forms authentication to the root web.config file, and a <location>
tag to specify that the admin subdir should be protected, as follows:

---> in <configuration> / <system.web> tree of the root config file:

<authentication mode="Forms">
  <forms name=".ASPXAUTH" path="/" loginUrl="FrmLogin.aspx" protection="All"
timeout="30">
   <credentials passwordFormat="Clear">
    <user name="Mickey" password="Mouse"/>
   </credentials>
  </forms>
</authentication>

<authorization>
    <allow users="*" />
</authorization>

 <location path="admin">
  <authorization>
   <deny users="?"/>
  </authorization>
 </location>

Anyway, I still get the same results, i.e. all works fine but no protection
is active for any file under admin folder. I can add here the whole process
of creating the sample application here so that someone can try reproducing
the issue, maybe there is something wrong with my approach as I have changed
the VS2003 default location because I need ALL my web apps files in my local
drive folder. Here it is how I created the web application (see
http://www.codeproject.com/useritems/ASPNET_projects.asp):

1. I create my project folder in my local drive, e.g. C:\MyProject.

2. I create a folder named "www" inside C:\MyProject (=C:\MyProject\www),
where all the apps files will be stored.

3. In IIS I create a new virtual directory making it point to
C:\MyProject\www.

4. In VS2003 I create a new Blank Solution and save it in C:\MyProject, so
that if its name is Dummy its physical folder will be C:\MyProject\Dummy.

5. In VS2003 I add a New Project to the blank solution making it point it to
http://localhost/myproject.

If you then change the root web.config file as specified above and create an
admin folder, place some page into it and hyperlink it from the root folder
you should access it with no protection, which is of course wrong. Any idea?

Relevant Pages

  • Re: how to set up no need for ability to handle multiple users on machine
    ... Yes on my windows, I am running always, not as admin, but as user having admin rights. ... Independent of that, what I was thinking is that if there is, and will be, only one user (apart from root) on the system, then there is no need to distinguish between multiple users, and a specific user folder is obsolete. ... Then, from the mess that I saw over the years in windows, some applications give a s**t about the personalized "My Documents" folders and store user documents somewhere on c:. ...
    (alt.os.linux.suse)
  • Re: Authentication!!
    ... folder is writable only to "root" and the admin group. ... In an admin account, the admin group isn't your primary group but it is a member. ... The application folders defaults are to allow writing by root and by members of administrators: ...
    (comp.sys.mac.apps)
  • App_Data Path and ASP.NET Membership
    ... ASP.NET Membership protecting files and folders. ... Membership on host and with protection on local machine and networked ... The project folder is in a sub of the root. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: PF Admin tool & Administrative Rights
    ... Path in that server!! ... Actually I am testing with our lab server and the Ex admin path is ... I successfully received full information from the folder (size, ... If I add the same account as client member as owner, ...
    (microsoft.public.exchange2000.development)
  • Re: Page and Images not found on Localhost
    ... I didn't know that even images could be declared as server controls. ... which may not have been declared as a server control. ... I designated the "project" folder as an application in IIS. ... is the root for anything under it. ...
    (microsoft.public.dotnet.framework.aspnet)