473,659 Members | 2,934 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

security...

RAB
I have created a folder which I named 'Security' with the path
....Inetpub/wwwroot/Security

Within the 'Security' folder, I have placed three files. Web.config,
default.aspx and login.aspx

The three folders have the following code:

' web.config
<configuratio n>
<system.web>
<customErrors mode="Off"/>
<authenticati on mode="Forms">
<forms name="appNameAu th" path="/" loginUrl="login .aspx"
protection="All " timeout="30">
<credentials passwordFormat= "Clear">
<user name="jeff" password="test" />
<user name="mike" password="test" />
</credentials>
</forms>
</authentication>
<authorizatio n>
<deny users="?" />
</authorization>
</system.web>
</configuration>
' default.aspx
<%@Page Language="VB" %>
<%@Import Namespace="Syst em.Web.Security " %>
<script language="VB" runat="server">
Sub ProcessLogin(ob jSender As Object, objArgs As EventArgs)

If FormsAuthentica tion.Authentica te(txtUser.Text , txtPassword.Tex t)
Then
FormsAuthentica tion.RedirectFr omLoginPage(txt User.Text,
chkPersistLogin .Checked)
Else
ErrorMessage.In nerHtml = "<b>Somethi ng went wrong...</b> please
re-enter your credentials..."
End If

End Sub
</script>
<html>
<head>
<title>Standa rd Forms Authentication Login Form</title>
</head>

<body bgcolor="#FFFFF F" text="#000000">
<form runat="server">
<table width="400" border="0" cellspacing="0" cellpadding="0" >
<tr>
<td width="80">User name : </td>
<td width="10"> </td>
<td><asp:TextBo x Id="txtUser" width="150" runat="server"/></td>
</tr>
<tr>
<td>Password : </td>
<td width="10"> </td>
<td><asp:TextBo x Id="txtPassword " width="150" TextMode="Passw ord"
runat="server"/></td>
</tr>
<tr>
<tr>
<td></td>
<td width="10"> </td>
<td><asp:CheckB ox id="chkPersistL ogin" runat="server" />Remember my
credentials<br>
</td>
</tr>
<tr>
<td> </td>
<td width="10"> </td>
<td><asp:Butt on Id="cmdLogin" OnClick="Proces sLogin" Text="Login"
runat="server" /></td>
</tr>
</table>
<br>
<br>
<div id="ErrorMessag e" runat="server" />
</form>
</body>
</html>
'login.aspx
<%@Page Language="VB" %>
<%@Import Namespace="Syst em.Web.Security " %>
<script language="vb" runat="server">
Sub SignOut(objSend er As Object, objArgs As EventArgs)
'delete the users auth cookie and sign out
FormsAuthentica tion.SignOut()
'redirect the user to their referring page
Response.Redire ct(Request.UrlR eferrer.ToStrin g())
End Sub
Sub Page_Load()
'verify authentication
If User.Identity.I sAuthenticated Then
'display Credential information
displayCredenti als.InnerHtml = "Current User : <b>" &
User.Identity.N ame & "</b>" & _
"<br><br>Authen tication Used : <b>" &
User.Identity.A uthenticationTy pe & "</b>"
Else
'Display Error Message
displayCredenti als.InnerHtml = "Sorry, you have not been
authenticated."
End If
End Sub
</script>
<html>
<head>
<title>Forms Authentication</title>
</head>
<body bgcolor="#FFFFF F" text="#000000">
<span class="Header"> Forms Based Authentication using standard
method</span>
<br>
<br>
<div id="displayCred entials" runat="server" />
<br>
<br>
<form runat="server">
<asp:Button id="cmdSignOut " text="Sign Out" runat="server"
onClick="SignOu t" />
</form>
</body>
</html>

I can open default.aspx just fine. My problem is when I put in the
appropriate user name and password into the textboxes I am directed to
an error page that says "cannot open .../Security/login.aspx"

I went to IIS and made the security folder an application, but I am not
sure if i did it right.

Any help would be appreciated?

Thanks,
RABMissouri

Jun 11 '06 #1
0 1014

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
5636
row level security
by: robert | last post by:
well, talk about timely. i'm tasked to implement a security feature, and would rather do so in the database than the application code. the application is generally Oracle, but sometimes DB2. Oracle has what it calls package DBMS_RLS, which implements application ignorant row level security. scanning this group yielded "you can't do that; use views". then i dug out DB2Mag qtr 1 2004, and there is MLS for v8/390. from this article,...
DB2 Database
116
7490
Security - more complex than I thought
by: Mike MacSween | last post by:
S**t for brains strikes again! Why did I do that? When I met the clients and at some point they vaguely asked whether eventually would it be possible to have some people who could read the data and some who couldn't but that it wasn't important right now. And I said, 'sure, we can do that later'. So now I've developed an app without any thought to security and am trying to apply it afterwards. Doh!, doh! and triple doh!
Microsoft Access / VBA
4
7974
Error using WS-Security
by: Ashish | last post by:
Hi Guys I am getting the following error while implementing authentication using WS-security. "Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.Exception: WSE565: The password provided the SecurityTokenManager does not match the one on the incoming token. at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyPlainText
C# / C Sharp
0
1518
Error while executing .NET remoing security dlls
by: prithvi g via .NET 247 | last post by:
Hi I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll andMicrosoft.Samples.Runtime.Remoting. Security in both my clientand server. I have have defined my config files as follows for client <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.runtime.remoting> <application> <channels>...
C# / C Sharp
1
3358
Design Issue: Separating Application Security Model from the Application (Custom or User) Controls
by: Earl Teigrob | last post by:
Background: When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is comprised of a DataGrid may have separate permissions for adding, deleting and updating a news item. Problem Up until now, I have been implementing security directly inside the control. I will test directly against the security model to see if...
ASP.NET
7
1978
IIS / Web Services Security threats
by: Magdelin | last post by:
Hi, My security team thinks allowing communication between the two IIS instances leads to severe security risks. Basically, we want to put our presentation tier on the perimeter network and the business tier inside the fire wall or internal network. The biz tier will be developed and deployed as web services on IIS. I know microsoft recommends this architecture but I am not able to convince my security team. They say IIS is vulnerable...
.NET Framework
0
4333
Referenced security token could not be retrieved
by: Jay C. | last post by:
Jay 3 Jan. 11:38 Optionen anzeigen Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen Datum: 3 Jan 2006 02:38:30 -0800 Lokal: Di 3 Jan. 2006 11:38 Betreff: Referenced security token could not be retrieved Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht | Original anzeigen | Entfernen | Missbrauch melden
.NET Framework
3
2241
FxCop App Security
by: Velvet | last post by:
I ran FxCop on one of the components for my web site and the security rules what me to add " tags like the ones listed below: This breaks my ASP.NET application. So my question is, what should these
ASP.NET
1
1911
Code Access Security - General Question
by: Jeremy S. | last post by:
..NET's code Access Security enables administrators to restrict the types of things that a .NET application can do on a local computer. For example, a ..NET Windows Forms application can be prevented from writing to the Registry or writing a file to the local disk. My question: Is this feature unique to .NET? Or is it just as easy for enterprise network administrators to prevent COM applications from writing to the Registry and doing...
.NET Framework
2
2399
Embedding Windows Form Control to ASP .NET Security Problem
by: Budhi Saputra Prasetya | last post by:
Hi, I managed to create a Windows Form Control and put it on my ASP .NET page. I have done the suggestion that is provided by modifying the security settings. From the stack trace, I would assume that the code throws exception when it is trying to retrieve the processes list that has certain name. Below is the code that I use to retrieve the processes. Process processes = Process.GetProcessesByName("xxxx");
ASP.NET
0
8427
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
8851
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
8746
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
8525
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
8627
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
5649
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
4175
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4335
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
2
1975
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us