473,387 Members | 1,575 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > file restriction - forms authentication

Join Bytes to post your question to a community of 473,387 software developers and data experts.

file restriction - Forms authentication

Ed
Hi,

I'm have an asp.NET project, and I'm using Forms authentication method. I was wondering if there is a way to deny access to files that are not .aspx...ie: Someone who tries to access somepage.aspx is prompted for a username and password. However, if someone tries to access somefile.pdf, he can do this without authentication.

Any Suggestions?

Thanks,

Ed
Nov 18 '05 #1
1 1198
Hi Ed,

Only those file types that are mapped in IIS to the aspnet_isapi.dll are
going to be processed by Forms authentication. You have a couple of
options when it comes to PDF files.

1. Have an ASPX page that authenticates and then streams the PDF to the
browser via Response.BinaryWrite.
2. Map the PDF file type to the aspnet_isapi.dll in IIS.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
ja******@online.microsoft.com

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------
Thread-Topic: file restriction - Forms authentication
thread-index: AcRHRzUlZFxlqk6eRWu5C6EeDelK+Q==
X-WN-Post: microsoft.public.dotnet.framework.aspnet
From: "=?Utf-8?B?RWQ=?=" <an*******@discussions.microsoft.com>
Subject: file restriction - Forms authentication
Date: Mon, 31 May 2004 12:41:03 -0700
Lines: 9
Message-ID: <86**********************************@microsoft.co m>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.framework.aspnet
Path: cpmsftngxa10.phx.gbl
Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.framework.aspnet:237315
NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Hi,
I'm have an asp.NET project, and I'm using Forms authentication method. I
was wondering if there is a way to deny access to files that are not
..aspx...ie: Someone who tries to access somepage.aspx is prompted for a
username and password. However, if someone tries to access somefile.pdf,
he can do this without authentication.

Any Suggestions?

Thanks,

Ed


Nov 18 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Authentication against file token
by: Jim Harris | last post by:
Somewhere I read about authenticating against a file token on the user's hard drive - but I can't find the book I read it in anymore. If you know what I'm talking about please let me know. ...
ASP / Active Server Pages
2
Web.config file protecting sub-folders only
by: Maziar Aflatoun | last post by:
Hi, I'm trying to protect one of my subfolders from Web.config file in my root folder. Here is my directory structure / // My shopping cart /admin // Shopping cart...
C# / C Sharp
5
Web.config file
by: ruca | last post by:
Hi, I have an application that I want to setup for each folder a web.config file with different authentication, but when I try to do that it gives me an error saying that maybe that folder is...
ASP.NET
1
Web.config File Problem
by: Malik Asif Joyia | last post by:
Hello I want to implement the forms based authentication. for a sub directory in my webapplication. I have allready applied Forms based authentication in my webapplication ,, I have added a folder...
ASP.NET
3
File level permissions using the web.config & forms authentication
by: Stu Lock | last post by:
Hi, Is there a way of requiring a log in for individual asp.net pages rather than securing a entire directory. I have a web app where there are 100+ pages but only 2 need to be password...
ASP.NET
4
File Types not protected by Forms Authentication
by: MatthewRoberts | last post by:
Howdy All, We have an ASP.NET web application that uses Forms Authentication and has worked without problems for some time. However, we recently added a Shockwave SWF file to the mix for flash...
ASP.NET
2
Authentication enabled for all but a single directory or file.
by: UJ | last post by:
I have a web site up and going and on the main login screen there's a help menu option. If the person selects that before they have logged in, it attempts to redirect them to a page telling them...
ASP.NET
6
HTML file server side includes plus forms authentication
by: William F. Zachmann | last post by:
We've got a project going that involves moving an old web site with a massive dll written in C++ that produces most of the output from a SQL 7.0 data base on NT4 onto IIS on Windows 2003 Server...
ASP.NET
2
Authentication Forms and CSS-File
by: Michael Haberfellner | last post by:
hi aspx-community! i do have a (for me) unsolvable problem: i'm using authentication mode="Forms" in my web.config and use my own login-system. all that works fine. the only problem i have:...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!