473,503 Members | 1,643 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Can't get stupid Authentication to work!!

I must be missing something very simple. I've had a web site running for a
long time (anonymous access).
Web.config authentication is original (anyone gets in):

<authentication mode="Windows" />
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Now I added a html subdirectory that I want to only allow certain windows
users into, call it Foo.
I created a Web.config in subdirectory Foo and added:

<authentication mode="Windows" />
<authorization>
<allow users="SpecialUser" /> <!-- Allow all users -->
<deny users="?" />
</authorization>

Still, anyone can access html files in Foo? How do I restrict access to
content in Foo??
Amil
Nov 18 '05 #1
3 1579
Amil,

Unless the Foo directory is also an application root, you should be getting
an error message when doing this because you are trying to set the
authentication mode below the application root. The <authentication>
section has an allowDefinition attribute of MachineToApplication which
means that you can only set it at the machine level or at the application
root level.

If I were you, I would use a location tag instead. In other words, I would
change your web.config in the root directory as shown below. Bear in mind
that there are many other entries I didn't put here. I'm just trying to
give you the idea of what you need to do:

<system.web>

<authentication mode="Windows" />

<authorization>
<allow users="*" />
</authorization>

</system.web>

<location path="Foo">
<system.web>
<authorization>
<deny users="*" />
<allow users="SpecialUser" />
</authorization>
</system.web>
</location>

Note that I have added a <deny> tag that denies all users to the Foo
directory and then I've explicitly given the SpecialUser access. In the
code you posted, users who are not authenticated will not be let in, but
all other users will be, SpecialUser or not.

Hope that helps.

Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
ja******@online.microsoft.com

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Amil" <am********@hotmail.com>
Subject: Can't get stupid Authentication to work!!
Date: Tue, 9 Dec 2003 22:08:28 -0700
Lines: 26
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#m**************@TK2MSFTNGP11.phx.gbl>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: 65.121.130.118
Path: cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTN GP08.phx.gbl!TK2MSFTNGP11.
phx.gblXref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:195453
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

I must be missing something very simple. I've had a web site running for a
long time (anonymous access).
Web.config authentication is original (anyone gets in):

<authentication mode="Windows" />
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Now I added a html subdirectory that I want to only allow certain windows
users into, call it Foo.
I created a Web.config in subdirectory Foo and added:

<authentication mode="Windows" />
<authorization>
<allow users="SpecialUser" /> <!-- Allow all users -->
<deny users="?" />
</authorization>

Still, anyone can access html files in Foo? How do I restrict access to
content in Foo??
Amil


Nov 18 '05 #2
I tried this exactly using location. When I put the deny="*" (either before
or after the
allow tag) I can't log in even using a good username and password.

Amil

"Jim Cheshire [MSFT]" <ja******@online.microsoft.com> wrote in message
news:Is**************@cpmsftngxa07.phx.gbl...
Amil,

Unless the Foo directory is also an application root, you should be getting an error message when doing this because you are trying to set the
authentication mode below the application root. The <authentication>
section has an allowDefinition attribute of MachineToApplication which
means that you can only set it at the machine level or at the application
root level.

If I were you, I would use a location tag instead. In other words, I would change your web.config in the root directory as shown below. Bear in mind
that there are many other entries I didn't put here. I'm just trying to
give you the idea of what you need to do:

<system.web>

<authentication mode="Windows" />

<authorization>
<allow users="*" />
</authorization>

</system.web>

<location path="Foo">
<system.web>
<authorization>
<deny users="*" />
<allow users="SpecialUser" />
</authorization>
</system.web>
</location>

Note that I have added a <deny> tag that denies all users to the Foo
directory and then I've explicitly given the SpecialUser access. In the
code you posted, users who are not authenticated will not be let in, but
all other users will be, SpecialUser or not.

Hope that helps.

Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
ja******@online.microsoft.com

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Amil" <am********@hotmail.com>
Subject: Can't get stupid Authentication to work!!
Date: Tue, 9 Dec 2003 22:08:28 -0700
Lines: 26
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#m**************@TK2MSFTNGP11.phx.gbl>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: 65.121.130.118
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTN GP08.phx.gbl!TK2MSFTNGP11. phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:195453X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

I must be missing something very simple. I've had a web site running for along time (anonymous access).
Web.config authentication is original (anyone gets in):

<authentication mode="Windows" />
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Now I added a html subdirectory that I want to only allow certain windows
users into, call it Foo.
I created a Web.config in subdirectory Foo and added:

<authentication mode="Windows" />
<authorization>
<allow users="SpecialUser" /> <!-- Allow all users -->
<deny users="?" />
</authorization>

Still, anyone can access html files in Foo? How do I restrict access to
content in Foo??
Amil

Nov 18 '05 #3
Amil,

In the example you gave, you should be specifying the user with a
domain/username, or if a local account, machine/username. For example:

<allow users="DOMAIN\SpecialUser" />

Make the domain name or machine name all upper-case. The username case
doesn't matter.

Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
ja******@online.microsoft.com

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Amil" <am********@hotmail.com>
References: <#m**************@TK2MSFTNGP11.phx.gbl> <Is**************@cpmsftngxa07.phx.gbl>Subject: Re: Can't get stupid Authentication to work!!
Date: Wed, 10 Dec 2003 10:50:44 -0700
Lines: 108
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#U**************@TK2MSFTNGP11.phx.gbl>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: 12.46.90.2
Path: cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!cpmsftng xa09.phx.gbl!TK2MSFTNGP08.
phx.gbl!TK2MSFTNGP11.phx.gblXref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:195592
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

I tried this exactly using location. When I put the deny="*" (either beforeor after the
allow tag) I can't log in even using a good username and password.

Amil

"Jim Cheshire [MSFT]" <ja******@online.microsoft.com> wrote in message
news:Is**************@cpmsftngxa07.phx.gbl...
Amil,

Unless the Foo directory is also an application root, you should be

getting
an error message when doing this because you are trying to set the
authentication mode below the application root. The <authentication>
section has an allowDefinition attribute of MachineToApplication which
means that you can only set it at the machine level or at the application
root level.

If I were you, I would use a location tag instead. In other words, I

would
change your web.config in the root directory as shown below. Bear in mind that there are many other entries I didn't put here. I'm just trying to
give you the idea of what you need to do:

<system.web>

<authentication mode="Windows" />

<authorization>
<allow users="*" />
</authorization>

</system.web>

<location path="Foo">
<system.web>
<authorization>
<deny users="*" />
<allow users="SpecialUser" />
</authorization>
</system.web>
</location>

Note that I have added a <deny> tag that denies all users to the Foo
directory and then I've explicitly given the SpecialUser access. In the
code you posted, users who are not authenticated will not be let in, but
all other users will be, SpecialUser or not.

Hope that helps.

Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
ja******@online.microsoft.com

This post is provided as-is with no warranties and confers no rights.

--------------------
>From: "Amil" <am********@hotmail.com>
>Subject: Can't get stupid Authentication to work!!
>Date: Tue, 9 Dec 2003 22:08:28 -0700
>Lines: 26
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
>Message-ID: <#m**************@TK2MSFTNGP11.phx.gbl>
>Newsgroups: microsoft.public.dotnet.framework.aspnet
>NNTP-Posting-Host: 65.121.130.118
>Path:

cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFT NGP08.phx.gbl!TK2MSFTNGP11

Nov 18 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
3
3876
asp.net FORMS authentication question
by: kevin | last post by:
hi all with forms authentication, how does that work for a site with introduction and tour or maybe some more pages? by using forms authentication, all pages have to be authenticated before...
ASP.NET
1
2160
ASP TreevIew Control and Forms Authentication
by: Srinivasa Raghavan | last post by:
Hi All, I have some doubts on the Treeview control and Form Authentication 1) will Form Authentication work if cookies are disabled. 2) I have problem in the following code (TreeView...
ASP.NET
2
3346
[REPOST] Problem in Windows based Authentication
by: Abhishek Srivastava | last post by:
Hello All, I use windows based authentication for my ASP.NET web app. I have disabled anonymous access of my web application too from the IIS console. From my own machine, the webapp works...
ASP.NET
2
1179
Let the user authentication work at the BasePage, is it suitable?
by: Benny Ng | last post by:
Hi,all, Now I let every .aspx page inherited from BasePage, and let the authentication work at there. sample code: if (session=="") { //Redirect to login page Response.Redirect ("login.aspx");...
ASP.NET
0
1102
Toggle button in a ListStore in pygtk, i cant make it work!
by: sapo | last post by:
This is my code: def list(self): tree = self.principal.get_widget("list") self.list = gtk.ListStore(bool,str) self.options = renderer1 = gtk.CellRendererToggle()...
Python
3
1278
Looping code that i cant seem to work out!
by: Luke - eat.lemons | last post by:
Sorry for the post in this NG but im short on time to get this working and i haven't seem to of got a response anywhere else. Im pretty new to asp so all light on this question would be great. ...
ASP.NET
0
15967
ASP.NET Basic Authentication programmatically.
by: =?Utf-8?B?S29uc3RhbnRpbg==?= | last post by:
I am currently working on the application that need to simulate basic authentication programmatically using user's credentials that are known. Basically, the need is for a single sign on with a...
C# / C Sharp
1
1402
Does smtp authentication work to prevent bulk/spam mails when i send it in php
by: neearj2008 | last post by:
can any one help me in php to send mail. i am through mail() but the mail goes to the bulk or spam.. does smtp authentication work for it?
PHP
1
2561
Forms Authentication for single directory
by: Sean | last post by:
Hi, I've taken over a website, which has an admin section that is currently open. I added Forms Authentication to the admin directory with the using the location section in web.config: ...
ASP.NET
0
7084
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
1
6991
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7458
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
4672
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
3167
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
3154
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
1512
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
736
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
380
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us