473,378 Members | 1,319 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > forms authentication

Join Bytes to post your question to a community of 473,378 software developers and data experts.

Forms authentication

Hi all

How can the following problem be solved:

My application uses forms authentication. Normally a
start.aspx page should be send to the client before
login.aspx is shown.
Start.aspx consist of simple JScript writing a cookie about
screen resolution followed by an automatic transfer to
login.aspx. This page is therefore test whether cookies and
JScript are activated.

But if forms authentication is activated, the only
accessible page is login.aspx. So I need first to login and
therefore set the authentication cookie in order to access
start.aspx (checking whether cookie are activated.... :-) ).
My webconfig is:

<authentication mode="Forms" >
<forms
name="Auth-Cookie"
path="\"
loginUrl="Login.aspx"
protection="All"
timeout="25">
<credentials passwordFormat="Clear">
<user name="Test" password="Pass" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>

The deny setting prevent unathorized user from accessing
start.aspx. But this is necessary to make the cookie and
jscript check!

Each help appreciated!

Thanks
Jenny
Nov 17 '05 #1
2 2511
Jenny,
You can overrride specific allow/deny permissions for individual pages and
directories.

What you have already defined in the <authorization> tag of <system.web>
will be applied to all pages that do not have any of their own setting
defined.
To override that setting for a specific page, in your case start.aspx, just
place the following code in your web.config file:
<configuration>
....
<system.web>
....
</system.web>

<location path="start.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

</configuration>

note that this is contained in the <configuation> tag, but after the ending
</system.web> tag.

that code will allow everyone, authenticated or not, to access start.aspx.

HTH,
-Cliff

"Jenny" <j.********@SPAMx-mail.net> wrote in message
news:09****************************@phx.gbl...
Hi all

How can the following problem be solved:

My application uses forms authentication. Normally a
start.aspx page should be send to the client before
login.aspx is shown.
Start.aspx consist of simple JScript writing a cookie about
screen resolution followed by an automatic transfer to
login.aspx. This page is therefore test whether cookies and
JScript are activated.

But if forms authentication is activated, the only
accessible page is login.aspx. So I need first to login and
therefore set the authentication cookie in order to access
start.aspx (checking whether cookie are activated.... :-) ).
My webconfig is:

<authentication mode="Forms" >
<forms
name="Auth-Cookie"
path="\"
loginUrl="Login.aspx"
protection="All"
timeout="25">
<credentials passwordFormat="Clear">
<user name="Test" password="Pass" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>

The deny setting prevent unathorized user from accessing
start.aspx. But this is necessary to make the cookie and
jscript check!

Each help appreciated!

Thanks
Jenny

Nov 17 '05 #2
Hi There...

I am getting this wierd error when i am adding location tags in my
web.config.

"System.exception: there is more than one system.web section in your
configuration file"

Does anyone know why its happening. I am using WSE 1.0 SP1, i have
tried reinstalling it, but no good yet.

Any assistance will be highly appreciated.
Thanx.

Reeya.

"Cliff Harris" <he***@myrealbox.com> wrote in message news:<e6**************@TK2MSFTNGP11.phx.gbl>...
Jenny,
You can overrride specific allow/deny permissions for individual pages and
directories.

What you have already defined in the <authorization> tag of <system.web>
will be applied to all pages that do not have any of their own setting
defined.
To override that setting for a specific page, in your case start.aspx, just
place the following code in your web.config file:
<configuration>
...
<system.web>
...
</system.web>

<location path="start.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

</configuration>

note that this is contained in the <configuation> tag, but after the ending
</system.web> tag.

that code will allow everyone, authenticated or not, to access start.aspx.

HTH,
-Cliff

"Jenny" <j.********@SPAMx-mail.net> wrote in message
news:09****************************@phx.gbl...
Hi all

How can the following problem be solved:

My application uses forms authentication. Normally a
start.aspx page should be send to the client before
login.aspx is shown.
Start.aspx consist of simple JScript writing a cookie about
screen resolution followed by an automatic transfer to
login.aspx. This page is therefore test whether cookies and
JScript are activated.

But if forms authentication is activated, the only
accessible page is login.aspx. So I need first to login and
therefore set the authentication cookie in order to access
start.aspx (checking whether cookie are activated.... :-) ).
My webconfig is:

<authentication mode="Forms" >
<forms
name="Auth-Cookie"
path="\"
loginUrl="Login.aspx"
protection="All"
timeout="25">
<credentials passwordFormat="Clear">
<user name="Test" password="Pass" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>

The deny setting prevent unathorized user from accessing
start.aspx. But this is necessary to make the cookie and
jscript check!

Each help appreciated!

Thanks
Jenny

Nov 17 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
Secure and Unsecure Web Directories using Forms Authentication
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
.NET Framework
3
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be...
ASP.NET
2
Forms Authentication question: How to have some pages open and some requiring forms authentication
by: Eric | last post by:
I am trying to build an app where the stuff in the root directory is open to all, but anything under the Restricted directory requires you to login and I want to use Forms to do it. I'm having...
ASP.NET
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
7
Trouble with forms authentication
by: Justin | last post by:
I am trying to password protect a subdirectory using forms authentication. I am using the "Location" tag to specify the directory to be protected. The login.aspx page is in the root directory of...
ASP.NET
5
Forms Auth. Question
by: V. Jenks | last post by:
Using forms authentication, can I control which pages and/or directories a user would have access to or is that only available with Windows authentication? Thanks!
ASP.NET
4
Forms Authentication
by: =?Utf-8?B?R3V1czEyMw==?= | last post by:
Hi, I created a web site on a remote server. To logon the user must enter a user id and password. The site is uses Forms Authentication. The web config file looks as follows: ...
ASP.NET
4
Forms authentication vs session variable
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...
ASP.NET
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
1
Forms Authentication for single directory
by: Sean | last post by:
Hi, I've taken over a website, which has an admin section that is currently open. I added Forms Authentication to the admin directory with the using the location section in web.config: ...
ASP.NET
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!