By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
429,570 Members | 970 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 429,570 IT Pros & Developers. It's quick & easy.

how to create the username/password authorization dialog?

P: n/a
Anyone knows how to create the username/password authorization dialog in
ASP?

Thanks,
John
Jul 19 '05 #1
Share this Question
Share on Google+
14 Replies


P: n/a
Do you mean to go to "Directory Security" Tab, and click "Edit" button in
Anonymous access and authentication control? And then check "Basic
authentication." ?? How about the ASP source code? How to invoke the
username/password dialog?

Thanks,
John

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
Easiest way is to turn on Windows Authentication in IIS
--
----------------------------------------------------------
Curt Christianson (Software_AT_Darkfalz.Com)
Owner/Lead Designer, DF-Software
http://www.Darkfalz.com
---------------------------------------------------------
..Offering free scripts & code snippits for everyone...
---------------------------------------------------------
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
Anyone knows how to create the username/password authorization dialog in
ASP?

Thanks,
John


Jul 19 '05 #2

P: n/a
yes..... Turn off Anonymous.
The popup login box is built-in and automatic

--
----------------------------------------------------------
Curt Christianson (Software_AT_Darkfalz.Com)
Owner/Lead Designer, DF-Software
http://www.Darkfalz.com
---------------------------------------------------------
...Offering free scripts & code snippits for everyone...
---------------------------------------------------------
"John Davis" <jr*******@hotmail.com> wrote in message
news:OW**************@TK2MSFTNGP09.phx.gbl...
Do you mean to go to "Directory Security" Tab, and click "Edit" button in
Anonymous access and authentication control? And then check "Basic
authentication." ?? How about the ASP source code? How to invoke the
username/password dialog?

Thanks,
John

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
Easiest way is to turn on Windows Authentication in IIS
--
----------------------------------------------------------
Curt Christianson (Software_AT_Darkfalz.Com)
Owner/Lead Designer, DF-Software
http://www.Darkfalz.com
---------------------------------------------------------
..Offering free scripts & code snippits for everyone...
---------------------------------------------------------
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
Anyone knows how to create the username/password authorization dialog in ASP?

Thanks,
John



Jul 19 '05 #3

P: n/a
John Davis wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
Anyone knows how to create the username/password authorization
dialog in ASP? Easiest way is to turn on Windows Authentication in IIS

Do you mean to go to "Directory Security" Tab, and click "Edit"
button in Anonymous access and authentication control? And then check
"Basic authentication." ??


That would do it.
How about the ASP source code? How to
invoke the username/password dialog?


Using Windows or Basic authentication there is no need for asp to do
anything. IIS takes care of ensuring authentication. Useful if your
visitors are mapped to user names on the server.

--
William Tasso - http://WilliamTasso.com
Jul 19 '05 #4

P: n/a
Thanks, but how to set the username and password. I did that in Anonymous
User Account, but it seems not working. Also, what is the checkbox "Allow
IIS to control password" means??

Please advice, thanks!
john

"William Tasso" <ng*@tbdata.com> wrote in message
news:#s**************@TK2MSFTNGP12.phx.gbl...
John Davis wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
Anyone knows how to create the username/password authorization
dialog in ASP?
Easiest way is to turn on Windows Authentication in IIS

Do you mean to go to "Directory Security" Tab, and click "Edit"
button in Anonymous access and authentication control? And then check
"Basic authentication." ??


That would do it.
How about the ASP source code? How to
invoke the username/password dialog?


Using Windows or Basic authentication there is no need for asp to do
anything. IIS takes care of ensuring authentication. Useful if your
visitors are mapped to user names on the server.

--
William Tasso - http://WilliamTasso.com

Jul 19 '05 #5

P: n/a

"William Tasso" <ng*@tbdata.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
John Davis wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
Anyone knows how to create the username/password authorization
dialog in ASP?
Easiest way is to turn on Windows Authentication in IIS
Do you mean to go to "Directory Security" Tab, and click "Edit"
button in Anonymous access and authentication control? And then check "Basic authentication." ??


That would do it.
How about the ASP source code? How to
invoke the username/password dialog?


Using Windows or Basic authentication there is no need for asp to do
anything. IIS takes care of ensuring authentication. Useful if

your visitors are mapped to user names on the server.


But I find that this doesn't work with many browsers. Opera 7 just
reports an unknow authentication error (or something similar). IE on
my old Mac would prompt for user information, but it could not
authenticate any user I entered. It all works fine on my XP machine
with IE6 of course.
Jul 19 '05 #6

P: n/a
Phrederik wrote:
"William Tasso" <ng*@tbdata.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
John Davis wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:O6**************@tk2msftngp13.phx.gbl...
"John Davis" <jr*******@hotmail.com> wrote in message
news:uI**************@TK2MSFTNGP10.phx.gbl...
> Anyone knows how to create the username/password authorization
> dialog in ASP?
Easiest way is to turn on Windows Authentication in IIS

Do you mean to go to "Directory Security" Tab, and click "Edit"
button in Anonymous access and authentication control? And then
check "Basic authentication." ??


That would do it.
How about the ASP source code? How to
invoke the username/password dialog?


Using Windows or Basic authentication there is no need for asp to do
anything. IIS takes care of ensuring authentication. Useful if your
visitors are mapped to user names on the server.


But I find that this doesn't work with many browsers. Opera 7 just
reports an unknow authentication error (or something similar). IE on
my old Mac would prompt for user information, but it could not
authenticate any user I entered. It all works fine on my XP machine
with IE6 of course.


Yep - it isn't universal and furthermore is hopeless for an internet site
(as opposed to intra/extra net) unless you really are going to allocate a
windows account for all your visitors. Better to use an asp (aka forms
based) solution.

--
William Tasso - http://WilliamTasso.com
Jul 19 '05 #7

P: n/a

"John Davis" <jr*******@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Thanks, but how to set the username and password. I did that in Anonymous
User Account, but it seems not working. Also, what is the checkbox "Allow
IIS to control password" means??


On your desktop, go to "My Computer",
right-click and select "Manage",
then "Local users and groups",
then "Users", right-click, add new user.

Jul 19 '05 #8

P: n/a
I want to add security in ASP application.
When the user go to http://localhost/myproject/index.asp, I want it will pop
up an username/password authentication dialog box.

Here's the steps I did, but still not working.
1. In computer management, add an user "admin" that should have permission
to the page
2. In IIS console, right click the file index.asp, and click properties >
File Security > Edit, and click Edit button under Anonymous access, and add
user "admin" in Anonymous User Account window.
3. Uncheck Anonymous access check box
4. Click OK button

Then it should provide security access to index.asp only, but not other
files. But still not working either way. Please advise!
Thanks,
Matt


Jul 19 '05 #9

P: n/a
You need to:

a) uncheck the "Allow Anonymous Access" box
b) check the "Basic" and/or "integrated Windows Authentication" box
c) change the NTFS permissions to give your user account access
d) If you are using Internet Explorer -and- Integrated Windows
Authentication, then http://localhost is in the Intranet zone, and IE will
automatically logon for you (so you wont' see the logon dialogue box).
Instead, try http://127.0.0.1 which IE will think is in the Internet zone

Cheers
Ken
"Matt" <ma*******@hotmail.com> wrote in message
news:%2***************@tk2msftngp13.phx.gbl...
: I want to add security in ASP application.
: When the user go to http://localhost/myproject/index.asp, I want it will
pop
: up an username/password authentication dialog box.
:
: Here's the steps I did, but still not working.
: 1. In computer management, add an user "admin" that should have permission
: to the page
: 2. In IIS console, right click the file index.asp, and click properties >
: File Security > Edit, and click Edit button under Anonymous access, and
add
: user "admin" in Anonymous User Account window.
: 3. Uncheck Anonymous access check box
: 4. Click OK button
:
: Then it should provide security access to index.asp only, but not other
: files. But still not working either way. Please advise!
:
:
: Thanks,
: Matt
:
:
:
:
:
:
Jul 19 '05 #10

P: n/a
Thanks Ken,

it pops up the logon dialog box when I try 127.0.0.1, but how about the
domain? How to set the domain? Even I don't type anything in domain, it is
still able to go to the page? Also, what do you mean "c) change the NTFS
permissions to give your user account access." I just added the user in
Anonymous User Account window in IIS console.

Please advise. Thanks!

"Ken Schaefer" <ke*******@THISadOpenStatic.com> wrote in message
news:#J**************@TK2MSFTNGP09.phx.gbl...
You need to:

a) uncheck the "Allow Anonymous Access" box
b) check the "Basic" and/or "integrated Windows Authentication" box
c) change the NTFS permissions to give your user account access
d) If you are using Internet Explorer -and- Integrated Windows
Authentication, then http://localhost is in the Intranet zone, and IE will
automatically logon for you (so you wont' see the logon dialogue box).
Instead, try http://127.0.0.1 which IE will think is in the Internet zone

Cheers
Ken
"Matt" <ma*******@hotmail.com> wrote in message
news:%2***************@tk2msftngp13.phx.gbl...
: I want to add security in ASP application.
: When the user go to http://localhost/myproject/index.asp, I want it will
pop
: up an username/password authentication dialog box.
:
: Here's the steps I did, but still not working.
: 1. In computer management, add an user "admin" that should have permission : to the page
: 2. In IIS console, right click the file index.asp, and click properties

: File Security > Edit, and click Edit button under Anonymous access, and
add
: user "admin" in Anonymous User Account window.
: 3. Uncheck Anonymous access check box
: 4. Click OK button
:
: Then it should provide security access to index.asp only, but not other
: files. But still not working either way. Please advise!
:
:
: Thanks,
: Matt
:
:
:
:
:
:

Jul 19 '05 #11

P: n/a
"Matt" wrote: Thanks Ken,
: it pops up the logon dialog box when I try 127.0.0.1, but how about the
: domain? How to set the domain? Even I don't type anything in domain, it is
: still able to go to the page? Also, what do you mean "c) change the NTFS
: permissions to give your user account access." I just added the user in
: Anonymous User Account window in IIS console.

Matt...

Disabling the anonymous user setting in IIS requires you to use either Basic
or integrated Windows Authentication.
In the NTFS permissions settings at the file system level, on the Security
tab, add the domain user you want to have rights to login with. If
domain\user1 has rights, and domain\user2 tries to logon, they will be
denied. If you want more than one user, it is recommended to either use an
existing group or create a new one. Add the group to the NTFS permissions
so if users have to be added, deleted in the future, just add/remove them
from the group in your domain group. You will not have to revisit the NTFS
permissions or the IIS settings.

Setting the user as the anonymous user in IIS defeats the purpose of
disabling anonymous user access.

HTH...

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #12

P: n/a
"Matt" <ma*******@hotmail.com> wrote in message
news:%2***************@tk2msftngp13.phx.gbl...
I want to add security in ASP application.
When the user go to http://localhost/myproject/index.asp, I want it will pop up an username/password authentication dialog box.

Here's the steps I did, but still not working.
1. In computer management, add an user "admin" that should have permission
to the page
2. In IIS console, right click the file index.asp, and click properties >
File Security > Edit, and click Edit button under Anonymous access, and add user "admin" in Anonymous User Account window.
3. Uncheck Anonymous access check box
4. Click OK button

Then it should provide security access to index.asp only, but not other
files. But still not working either way. Please advise!


See the relevant article(s) for you OS/IIS:
IIS 5 Documentation
http://www.microsoft.com/windows2000/en/server/iis/
Microsoft Internet Information Server
Administration
Server Administration
Security
Authentication
Access Control

IIS 6 Documentation
http://www.microsoft.com/technet/pro...entication.asp
HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or
Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default...b;en-us;324274

Make sure you disable simple file sharing in XP
http://support.microsoft.com/default...b;en-us;304040
--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/

Jul 19 '05 #13

P: n/a
"Ken Schaefer" <ke*******@THISadOpenStatic.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
You need to:

a) uncheck the "Allow Anonymous Access" box


FWIW, I like to say "uncheck the 'Allow Anonymous Access' box AND/OR remove
IUSR_servername from the NTFS permissions on the content."

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserv...y/centers/iis/

Jul 19 '05 #14

P: n/a
If you just remove IUSR_<machinename> NTFS permissions, and you do not check
any of the other authentication mechanisms, you will just generate a HTTP
error (since the impersonated account can not get access, and you haven't
specified a method that the server will accept for accepting credentials
from the browser). By default IWA is also checked, so usually that would
work.

That's why I laid out several steps:
a) uncheck allow anonymous
b) check one of the *other* authentication mechanisms
c) adjust NTFS permissions so that the groups that are supposed to have
access have appropraite NTFS permissions (not just "anyone"

Cheers
Ken

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:c2**********@kcweb01.netnews.att.com...
: "Ken Schaefer" <ke*******@THISadOpenStatic.com> wrote in message
: news:%2****************@TK2MSFTNGP09.phx.gbl...
: > You need to:
: >
: > a) uncheck the "Allow Anonymous Access" box
:
: FWIW, I like to say "uncheck the 'Allow Anonymous Access' box AND/OR
remove
: IUSR_servername from the NTFS permissions on the content."
:
: --
: Tom Kaminski IIS MVP
: http://www.iistoolshed.com/ - tools, scripts, and utilities for running
IIS
: http://mvp.support.microsoft.com/
: http://www.microsoft.com/windowsserv...y/centers/iis/
:
:
:
Jul 19 '05 #15

This discussion thread is closed

Replies have been disabled for this discussion.