472,328 Members | 1,107 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > authentication and custom errors

Join Bytes to post your question to a community of 472,328 software developers and data experts.

Authentication and custom errors

I have an intranet application that uses w2k Integrated
Windows Authentication to authenticate users. We now have
a situation where people will be accessing it who are on
our network but will not be logged into w2k - so now they
are challenged and fail the challenge.
To handle that situation I plan to use iis custom errors
with one of the 401 codes to redirect the user to a
generic page.
The problem is that I cant figure out how to exactly
simulate the problem on my local machine for development,
as by definition Im of course logged into my own computer.
Ive decided to put basic authentication on the folder
where the authentication occurs, and then fail its
challenge, use the redirect, etc. Once this works, then
hopefully I can made some minor changes and use it with
Integrated Windows.
My question is whether this will be a valid simulation:
do those 2 authentication systems work in the same manner
with custom errors? In other words, I dont want to write
a solution for basic auth that doesnt work (with minor
tweaks - for example Im not sure if the same http error is
thrown) with integrated auth.
Thanks, Mark
Jul 19 '05 #1
1 2149
Do not use basic authentication on your intranet. This will send any login
information as clear text, which can be compromised by anyone who is
authenticated. If you plan to use Basic, then consider adding SSL to the
mix. If you want to keep Windows authentication, then use the idea below.

You can setup the ability for those who are outside your domain access to
the site using Windows authentication. What I did was create a global group
on the PDC; adding those who needed access internally. Then I created a
local group on the web server adding in the Global group and the individuals
outside the domain into this local group; giving the necessary permissions.
This allowed user's in DC to login and have access to WebPages that returned
their files, which were located in Colorado.

Since my pages were ASP, I was able to code in messages to user's who tried
to access areas they were not authorized.

Hope this helps.
"Mark Aurit" <ma********@ngc.com> wrote in message
news:01****************************@phx.gbl...
I have an intranet application that uses w2k Integrated
Windows Authentication to authenticate users. We now have
a situation where people will be accessing it who are on
our network but will not be logged into w2k - so now they
are challenged and fail the challenge.
To handle that situation I plan to use iis custom errors
with one of the 401 codes to redirect the user to a
generic page.
The problem is that I cant figure out how to exactly
simulate the problem on my local machine for development,
as by definition Im of course logged into my own computer.
Ive decided to put basic authentication on the folder
where the authentication occurs, and then fail its
challenge, use the redirect, etc. Once this works, then
hopefully I can made some minor changes and use it with
Integrated Windows.
My question is whether this will be a valid simulation:
do those 2 authentication systems work in the same manner
with custom errors? In other words, I dont want to write
a solution for basic auth that doesnt work (with minor
tweaks - for example Im not sure if the same http error is
thrown) with integrated auth.
Thanks, Mark

Jul 19 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
ASP.NET Authentication exception case
by: Jay | last post by:
I have authentication set for my site but I need one page to be an exception case. Namely my forgot password page. How do I tell the webconfig file...
C# / C Sharp
1
Hep -- Authentication issue
by: Winnie | last post by:
I am having issues with setting up the authentication for .net. I have an aspx page in e:\myApp. I have set the virtual directory "MyApp" in IIS...
ASP.NET
3
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain...
ASP.NET
2
Form authentication & Custom Principal implementation
by: lucd | last post by:
Hello, I am currently playing with form authentication & role based security on a web application. As seen in the starter kit Time tracker,...
ASP.NET
3
Forms authentication works in Mozilla but not IE
by: Manuel | last post by:
My web app was running fine until I decided to change the custom errors parameter in the Web.config file. I set it to "On" and the app stopped...
ASP.NET
11
Framework 1.1 Multiple Authentication?
by: xenophon | last post by:
I have a web site with forms authentication and a single logon page. I have 4 subdirectories, each that should be protected by a different...
ASP.NET
18
Sun Java System Directory Server Authentication
by: troywalker | last post by:
I am new to LDAP and Directory Services, and I have a project that requires me to authenticate users against a Sun Java System Directory Server in...
C# / C Sharp
2
hyperpau
Custom Error Messages in Access
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum...
Visual Basic 4 / 5 / 6
0
hyperpau
Custom Error Messages
by: hyperpau | last post by:
Before anything else, I am not a very technical expert when it comes to VBA coding. I learned most of what I know by the excellent Access/VBA forum...
Microsoft Access / VBA
0
The Top 5 Skills You Need in a PowerApps Developer
by: concettolabs | last post by:
In today's business world, businesses are increasingly turning to PowerApps to develop custom business applications. PowerApps is a powerful tool...
.NET Framework
0
better678
Discuss your understanding of the Java platform.
by: better678 | last post by:
Question: Discuss your understanding of the Java platform. Is the statement "Java is interpreted" correct? Answer: Java is an object-oriented...
General
0
Benefits of Blockchain App Development for Enterprise Businesses
by: Kemmylinns12 | last post by:
Blockchain technology has emerged as a transformative force in the business world, offering unprecedented opportunities for innovation and...
General
0
How to minimize a tool bar that shows up when in reports
by: CD Tom | last post by:
This happens in runtime 2013 and 2016. When a report is run and then closed a toolbar shows up and the only way to get it to go away is to right...
General
0
how to collapse a custom toolbar in VBA
by: CD Tom | last post by:
This only shows up in access runtime. When a user select a report from my report menu when they close the report they get a menu I've called Add-ins...
General
0
Basic concepts of WebLogic Admin training?
by: Naresh1 | last post by:
What is WebLogic Admin Training? WebLogic Admin Training is a specialized program designed to equip individuals with the skills and knowledge...
Oracle Database
0
jalbright99669
https redirect with reverse proxy
by: jalbright99669 | last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
IIS / Internet Information Server
0
Hyperconverged All-in-One Streaming Engine, ushering in new age for distributed database
by: antdb | last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine In the overall architecture, a new "hyper-convergence" concept was...
General
1
How to use http requests (Get function) to get variable value?
by: Matthew3360 | last post by:
Hi, I have a python app that i want to be able to get variables from a php page on my webserver. My python app is on my computer. How would I make it...
Python

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2023
About Bytes
Advertise
Terms Of Use
Privacy Policy

Sitemap

Follow us! Get the Latest Bytes Updates