Re: Use login control to limit access to certain pages

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Hillbilly" <nobody@xxxxxxxxxxx>
Date: Fri, 13 Mar 2009 16:15:53 -0500

// web.config
// To allow or deny access to the application to certain users or roles
// use <allow> or <deny> child tags.
<authorization>
<allow roles="Administrators, RegisteredUsers" />
<deny users="*" />
</authorization>

// The following is how its done at the folder level
// Allows unrestricted access to the folder named anonymousAccess
// where login.aspx is located
<location path="anonymousAccess">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="securedAccess">
<system.web>
<authorization>
<allow roles="Administrators, RegisteredUsers" />
<deny users="*" />
</authorization>
</system.web>
</location>

// Will you test yourself and let us know if we can do the following?
<location path="someFolder/someFile.aspx">
<system.web>
<authorization>
<allow roles="Administrators, RegisteredUsers" />
<deny users="*" />
</authorization>
</system.web>
</location>

Otherwise, the HTML in each page has to be modified in each page.

"c676228" <betty@xxxxxxxxxxxxxxxx> wrote in message news:22A07D9A-5176-43AE-88A3-D394B91B8AF6@xxxxxxxxxxxxxxxx

Hi all,

Recently I got a project specify that part of our web site(it was developed
and in production) will be only available to our
authorized users, not to all public site visitors.

I plan to use Membership database in asp.net 2.0. But the question is the
files(pages) are scattered among different directories and they are put in
some directores containing files which don't need protection at all. And
even worse,
some of those files are in the site's root directory which has some files
don't need to protect at all.
So I don't know what I should do with this scenario. Do you have a
suggestion for me?

Thanks,
--
Betty

Follow-Ups:
- Re: Use login control to limit access to certain pages
  - From: c676228

References:
- Use login control to limit access to certain pages
  - From: c676228

Prev by Date: Re: Vista Setup Project - Rights Issue
Next by Date: Re: Use login control to limit access to certain pages
Previous by thread: Use login control to limit access to certain pages
Next by thread: Re: Use login control to limit access to certain pages
Index(es):
- Date
- Thread

Relevant Pages

authorization element in web.config
... I tried to deny access through the authorization element in web.config ... Itried to deny the unauthenticated users with? ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Forms Authentication
... I am new to the concept of asp.net authentication so this might be ... If the user is a standard user then the user is ... credentials and allow / deny access? ... With URL authorization, ...
(microsoft.public.dotnet.framework.aspnet)
Re: Back Doors
... However, at the risk of cutting my own throat, I will go ahead and state the obvious: I doubt that longevity and reputation alone would be considered by a security professional to be sufficient criteria for extending trust. ... APF authorization on z/OS, but operate comfortably in class G virtual machines in VM production environments. ... Security focuses on the protection of business process and data. ... Integrity focuses on the protection of the software. ...
(bit.listserv.ibm-main)
Re: Authorize an application in certain computers
... so many in fact that any home-grown "protection" scheme is probably ... cryptographic-quality authorization are a minimum. ...
(microsoft.public.vc.mfc)