Re: Multi Level Forms Authentication Help DESPERATELY NEEDED!
- From: "Joe Rigley" <jcrigley@xxxxxxxxxxxxxxxxx>
- Date: Thu, 12 May 2005 13:03:15 -0400
Steve,
Thanks very much... Those links should help me get this done. Your
assistance is much appreciated.
Thanks,
-Rigs
"Steve C. Orr [MVP, MCSD]" <Steve@xxxxxxx> wrote in message
news:egefzenVFHA.3140@xxxxxxxxxxxxxxxxxxxxxxx
> Forms authentication supports this functionality.
> You can have a web.config in each folder that specifies who's allowed in.
>
> Here's more info:
> http://www.dotnetbips.com/displayarticle.aspx?id=117
> http://support.microsoft.com/default.aspx?scid=kb;en-us;311495
> http://www.4guysfromrolla.com/webtech/121901-1.2.shtml
> http://www.eggheadcafe.com/articles/20020906.asp
>
> --
> I hope this helps,
> Steve C. Orr, MCSD, MVP
> http://SteveOrr.net
>
>
> "Joe Rigley" <jcrigley@xxxxxxxxxxxxxxxxx> wrote in message
> news:OIJhYSnVFHA.4056@xxxxxxxxxxxxxxxxxxxxxxx
>> Help Please!
>>
>>
>>
>> I've been tasked with converting a portion of the corporate web site that
>> currently utilizes local user accounts and NTFS via Basic Authentication
>> to access certain files on the web site to an ASP .NET Forms
>> Authentication approach with SQL Server. I'm just getting comfortable
>> with ASP .Net, but strong in Classic ASP.
>>
>>
>>
>> My issue lies with the multiple levels of security (or roles) required to
>> manage access to sub folders on the server. All users that successfully
>> authenticate via the DB will need access to a folder called Dealers. (I
>> fairly certain I can handle that part.) Within the Dealers folder, there
>> are two additional sub folders; Sales and Marketing. Some users will
>> require access to just Sales, some to only Marketing, some to both, and
>> some to neither. I am considering using a roles approach, like in AD,
>> only the roles and users info would be extracted from the DB during the
>> authentication process. A user could be associated to 1 or many roles
>> like DlrAccess, SalesAccess, and/or MktAccess to help manage access.
>>
>>
>>
>> I would appreciate your help in how I can provide a single login approach
>> while still managing access to the aforementioned subdirectories.
>> There's a catch... I need to also managing access to non-Dot Net files,
>> like .pdfs and .docs.
>>
>>
>>
>> I feel confident I could code this if I only had to work with .aspx
>> pages. However, I'm reached an impasse as to how I can support the other
>> file types. I know I can map the .pdf extension to the aspnet_isapi.dll.
>> Unfortunately, that doesn't allow me to access the roles returned from
>> the DB to determine if that user can access the requested file. And
>> requiring the user to log in multiple times is a last resort approach.
>>
>>
>>
>> Can anyone help me out and offer another design to solve this dilemma???
>>
>>
>>
>> Please Help!
>>
>> -Rigs
>>
>>
>>
>>
>
>
.
- References:
- Multi Level Forms Authentication Help DESPERATELY NEEDED!
- From: Joe Rigley
- Re: Multi Level Forms Authentication Help DESPERATELY NEEDED!
- From: Steve C. Orr [MVP, MCSD]
- Multi Level Forms Authentication Help DESPERATELY NEEDED!
- Prev by Date: Re: out of memory
- Next by Date: Re: out of memory
- Previous by thread: Re: Multi Level Forms Authentication Help DESPERATELY NEEDED!
- Next by thread: SSL Certificate Check
- Index(es):
Relevant Pages
|
Loading
