473,659 Members | 2,488 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Authentication and custom errors

I have an intranet application that uses w2k Integrated
Windows Authentication to authenticate users. We now have
a situation where people will be accessing it who are on
our network but will not be logged into w2k - so now they
are challenged and fail the challenge.
To handle that situation I plan to use iis custom errors
with one of the 401 codes to redirect the user to a
generic page.
The problem is that I cant figure out how to exactly
simulate the problem on my local machine for development,
as by definition Im of course logged into my own computer.
Ive decided to put basic authentication on the folder
where the authentication occurs, and then fail its
challenge, use the redirect, etc. Once this works, then
hopefully I can made some minor changes and use it with
Integrated Windows.
My question is whether this will be a valid simulation:
do those 2 authentication systems work in the same manner
with custom errors? In other words, I dont want to write
a solution for basic auth that doesnt work (with minor
tweaks - for example Im not sure if the same http error is
thrown) with integrated auth.
Thanks, Mark
Jul 19 '05 #1
1 2246
Do not use basic authentication on your intranet. This will send any login
information as clear text, which can be compromised by anyone who is
authenticated. If you plan to use Basic, then consider adding SSL to the
mix. If you want to keep Windows authentication, then use the idea below.

You can setup the ability for those who are outside your domain access to
the site using Windows authentication. What I did was create a global group
on the PDC; adding those who needed access internally. Then I created a
local group on the web server adding in the Global group and the individuals
outside the domain into this local group; giving the necessary permissions.
This allowed user's in DC to login and have access to WebPages that returned
their files, which were located in Colorado.

Since my pages were ASP, I was able to code in messages to user's who tried
to access areas they were not authorized.

Hope this helps.
"Mark Aurit" <ma********@ngc .com> wrote in message
news:01******** *************** *****@phx.gbl.. .
I have an intranet application that uses w2k Integrated
Windows Authentication to authenticate users. We now have
a situation where people will be accessing it who are on
our network but will not be logged into w2k - so now they
are challenged and fail the challenge.
To handle that situation I plan to use iis custom errors
with one of the 401 codes to redirect the user to a
generic page.
The problem is that I cant figure out how to exactly
simulate the problem on my local machine for development,
as by definition Im of course logged into my own computer.
Ive decided to put basic authentication on the folder
where the authentication occurs, and then fail its
challenge, use the redirect, etc. Once this works, then
hopefully I can made some minor changes and use it with
Integrated Windows.
My question is whether this will be a valid simulation:
do those 2 authentication systems work in the same manner
with custom errors? In other words, I dont want to write
a solution for basic auth that doesnt work (with minor
tweaks - for example Im not sure if the same http error is
thrown) with integrated auth.
Thanks, Mark

Jul 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
4
5561
ASP.NET Authentication exception case
by: Jay | last post by:
I have authentication set for my site but I need one page to be an exception case. Namely my forgot password page. How do I tell the webconfig file to authenciate all pages except one page? Thank You for any input on this matter!
C# / C Sharp
1
1398
Hep -- Authentication issue
by: Winnie | last post by:
I am having issues with setting up the authentication for .net. I have an aspx page in e:\myApp. I have set the virtual directory "MyApp" in IIS and give IUSER_XXX and ANONYMOUS USER permission to read and execute. Also, ASPNET user has the permission to read and execute. I changed my web.config and machine.config of my application to <authentication mode="None" /> but it is still asking users from other client Username and password....
ASP.NET
3
4861
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be protected by forms authentication. When I create forms authentication at root level it works but when I move my code up to the subfolder I get this error: Server Error in '/TestProjects/FormsAuthenticationTestingArea' Application.
ASP.NET
2
4705
Form authentication & Custom Principal implementation
by: lucd | last post by:
Hello, I am currently playing with form authentication & role based security on a web application. As seen in the starter kit Time tracker, I setup a custom identity class (CustomPrincipal) because i wanted some extra info about the current user, i need this extra information to be available in pages without having
ASP.NET
3
3839
Forms authentication works in Mozilla but not IE
by: Manuel | last post by:
My web app was running fine until I decided to change the custom errors parameter in the Web.config file. I set it to "On" and the app stopped working in IE but it works fine in Mozilla! So I turned back to: <customErrors mode="Off" /> and now the problem doesn't go away (in IE). Whenever I click anywhere past the login page it returns back to the login page.
ASP.NET
11
2206
Framework 1.1 Multiple Authentication?
by: xenophon | last post by:
I have a web site with forms authentication and a single logon page. I have 4 subdirectories, each that should be protected by a different username/password combination. For testing purposes, the username/password are hardcoded into the code-behind C# code. How can I write my web.config to make this happen? Thanks.
ASP.NET
18
3402
Sun Java System Directory Server Authentication
by: troywalker | last post by:
I am new to LDAP and Directory Services, and I have a project that requires me to authenticate users against a Sun Java System Directory Server in order to access the application. I have found dozens of examples of how to authenticate users against Active Directory, but AD seems to be a different animal than Sun Java System Directory Server. Could someone provide me with an example of how to authenticate a user against a Directory...
C# / C Sharp
2
19457
hyperpau
Custom Error Messages in Access
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum from bytes.com (formerly thescripts.com). Ergo, I will be writing this article intended for those who are in the same level, or maybe lower, of my technical knowledge. I would be using layman's words, or maybe, my own words as how I understand them, hoping, you will understand it the same way that...
Visual Basic 4 / 5 / 6
0
2897
hyperpau
Custom Error Messages
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum from bytes.com (formerly thescripts.com). Ergo, I will be writing this article intended for those who are in the same level, or maybe lower, of my technical knowledge. I would be using layman's words, or maybe, my own words as how I understand them, hoping, you will understand it the same way that...
Microsoft Access / VBA
0
8428
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
8851
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
8751
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
8539
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
8630
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
7360
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
5650
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
4176
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
2
1982
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us