Respected Sir,
I am really tired in solving of this issue that have been arises when i would like to restrict files to access only on my Test page , here i am retriving my files in iframe in Test page, problem occurs when a user authenticated themselves then they will be redirected on welcome page and he can access my files through welcome page on Browser by knowing my Folder Name. but i do'nt want to give permissions to access on welcome page using IBrowser i only want to give my files(.mht files) that should be accessed on iframe. So please help me out.
this code as shown below doing pretty well in Visual studio "Debug mode but when i deploy this on iis 7.0 then it is not restricting my .mht files so please help , if you have any othe idea to protect then please give me . -
string[] url_array = new string[100];
-
string[] urlaspx = new string[15];
-
int i = 0;
-
int j = 0;
-
-
protected void Application_PostRequestHandlerExecute(object sender, EventArgs e)
-
{
-
string requestedurl = Request.Url.ToString(); ;
-
string[] requestrrl = requestedurl.Split('.');
-
if (requestrrl[requestrrl.Length - 1] == "aspx" || requestrrl[requestrrl.Length - 1] == "mht")
-
{
-
url_array[i] = requestedurl;
-
-
//if (returnUrl == null) returnUrl = "Secured/login.aspx";
-
string[] url = url_array[i].Split('.');
-
-
if (url[url.Length - 1] == "aspx" )
-
{
-
string[] pageurl = url[url.Length - 2].Split('/');
-
urlaspx[j] = pageurl[pageurl.Length - 1];
-
if (urlaspx[j] == "Test")
-
{
-
if (url[url.Length - 1] == "mht")
-
{
-
-
-
}
-
-
-
-
}
-
else if (url[url.Length - 1] == "aspx")
-
{
-
if (urlaspx[j] != "Test")
-
{
-
j++;
-
}
-
}
-
}
-
-
if (url[url.Length - 1] == "mht" && urlaspx[j] != "Test")
-
{
-
FormsAuthentication.RedirectToLoginPage();
-
FormsAuthentication.SignOut();
-
-
-
}
-
i++;
-
}
-
}
please help me out...
from
shashi shekhar singh
7 4048 Frinavale 9,735
Recognized Expert Moderator Expert
Shashi, have you considered using forms authentication to authenticate your users?
The user is authenticated before your site code is executed. ASP.NET checks if the user is permitted to use the resource before your code is executed...so that means that if the user logs in and is not allowed to use a resource...but they type the URL to the resource ASP.NET will redirect them to an error page stating that they aren't allowed access to the page/picture/resource that they are trying to access.
-Frinny
Yes I am using forms authentication to authenticate user and location path attribute is set to a SecureFolder where login welcome ,test and result pages are stored and in which also all the .mht files are stored.
please it's urgent..
Shashi, in the "secure" page you can use this kind of code so that user authentication can be checked. - protected void Page_Load(object sender, EventArgs e)
-
{
-
if (User.Identity.IsAuthenticated == false)
-
{
-
Server.Transfer("../Login.aspx");
-
}
-
if (Roles.IsUserInRole("Administrator") == false)
-
{
-
Server.Transfer("../unauthorized.aspx");
-
}
-
}
-
Frinavale 9,735
Recognized Expert Moderator Expert
Ok I think that you just need to add an additional secure folder...(I could be wrong here because I don't have a very good idea about what your system's doing)
So you'll have publicly available content (like the Login page and maybe a Sign Up page).
Then you'll have a folder that contains the restricted content that users aren't allowed to access...
Then you'll have a folder containing the .mht files which is also restricted.
Each folder should have a web.config file in it where you can specify which users are allowed access to the information and deny anyone else.
-Frinny
Thanx a lot for your reply , but i am facing a problem not by web.config location path element , actually problem is that when forms authentication authenticates a user then they are allowed to acess all the folder and i am not able to restrict them and it's true that files should be accessed by user by giving their same credential as he is given in the login page, but i only want to restrict them to access these (*.mht) files only on my Test Page not on my Welcome Page or any other page redirects after login page....... looking for your reply...
Respected Sir,
I think in web.config by using <Httpmodules><H ttpmodules> and <httphandlers > <httphandlers > , i can restrict the file access from other pages, if you think so then please give me an idea how to do this actually this is really new for me ....
thanx a lot ..
Frinavale 9,735
Recognized Expert Moderator Expert Sign in to post your reply or Sign up for a free account.
Similar topics |
by: James Walker |
last post by:
Hi there,
I'm just starting to write my second ASP.NET webpage in C# and want
some way of easily splitting out those files that are needed to be
uploaded to the webserver - i.e. i create a project on my local
machine in VS.NET and it creates the "AssemblyInfo.cs" file,
"Global.asax" file, "Global.asax.cs" file the .csproj file, the
..csproj.webinfo file, a default .aspx file etc and a subfolder called
"bin"...
|
by: Robert Jones |
last post by:
I have an asp.net web site that I want to develop further, but I don't have
the Visual Studio project files for the site.
I have all the source files for the site (aspx, cs etc) and the site itself
is running quite happily on my development web server, however within Visual
Studio the only way to add an existing file has two problems:
1. You can only add one file at a time
2. You don't appear to be able to navigate into subfolders...
|
by: John M |
last post by:
Hello,
On Microsoft Visual Studio .NET 2003,
I want to use some global elements,
that can be used in each one of my pages.
i.e I put a oleDBConnection on global.asax.vb
How can I use it (the oleDBConnection on global.asa.vb) at the other aspx
pages ?
|
by: Vishwanathan Raman |
last post by:
Hi
I have a declared a static DataSet object SOBJ in Global.asax.I also have a
localy defined DataSet LSOBJ in Global.asax which I am storing in Application
State.Is there any technical differences in the way both the objects are
handled by IIS.
Are both objects stored in different memory spaces?
I can access both the objects in my web page.
I will be grateful if some one can help me understand the difference.
|
by: ad |
last post by:
The Global.asax is code-inside with default.
How to change Global.asax to code-behind?
| |
by: Javier Martinez |
last post by:
Hi
I have asp application in a machine with a virtual directory referring a
shared directory in another machine
When I try to load any aspx page of my portal I get the following error:
Mensaje de error del analizador: We can't load the type 'JULIAN.Global'.
|
by: David++ |
last post by:
Hi folks,
Just been having a play with C# Web Application project. So far I've just
created a single Web Form with some text and links. I now want to upload the
Web Form to my server space. The Form is called index.aspx . However, I'm not
sure what files exactly I need to upload? The project has currently generated
the following files -
bin (folder containing dll)
AssemblyInfo.cs
|
by: Al Santino |
last post by:
Hello,
I've created a simple C# web services project using Visual Studio 2005. My
service compiles and runs correctly when called by remote clients.
I'm able to step through the service in the debugger unless I add a
Global.asax file. When I do that and then try to run the debugger I receive
error 403. If I remove the Global.asax file things work fine. The
Global.asax file is the one generated by VS 2005 - I don't try to add
anything...
|
by: =?Utf-8?B?UGF0Qg==?= |
last post by:
Just starting to move to ASP.NET 2.0 and having trouble with the Global.asax
code file.
In 1.1 I could have a code behind file for the global.asax file. This allow
for shared variables of the Global class. Note: I use these shared variables
for read only values that are set at application start.
It would appear the 2.0 doesn't like you to use shared variables in the
global class. How do I convert my 1.1 applications to 2.0 without...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |