473,395 Members | 1,460 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > forms auth. question

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Forms Auth. Question

Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?

Thanks!
Nov 19 '05 #1
5 1649
Hi,

If you are using roles this is really fast to do. Put this in your
<system.web> section of your web.config file:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"></forms>
</authentication>

<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Then at the top right under <configuration> put in something like below that
matches what you want to do:

<location path="Members/Administrator">
<system.web>
<authorization>
<allow roles="Administrator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

<location path="Members/Customer">
<system.web>
<authorization>
<allow roles="Customer"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

That gives Administrators access to the www.mysite.com/members/administrator
folder and Customers access to the www.mysite.com/members/customer folder.
If someone who isn't in the correct role tries to access any .aspx files in
those folders they are redirected to the login.aspx page. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in message
news:07****************************@phx.gbl...
Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?

Thanks!

Nov 19 '05 #2
you can use security roles defined on daabase table and can check
wheather use has previlage to access to that page or module and redirect
to login page if not

--
rajagopal

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 19 '05 #3
By roles, do you mean roles in Windows? I'm not, I'm
asking in the context of forms authentication only, where
all users are listed in the web.config file.

As long as I can just rely on the application and not
Windows or some other form of authentication, then it's
what I'm looking for.

-----Original Message-----
Hi,

If you are using roles this is really fast to do. Put this in your<system.web> section of your web.config file:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"></forms>
</authentication>

<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Then at the top right under <configuration> put in something like below thatmatches what you want to do:

<location path="Members/Administrator">
<system.web>
<authorization>
<allow roles="Administrator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

<location path="Members/Customer">
<system.web>
<authorization>
<allow roles="Customer"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

That gives Administrators access to the www.mysite.com/members/administratorfolder and Customers access to the www.mysite.com/members/customer folder.If someone who isn't in the correct role tries to access any .aspx files inthose folders they are redirected to the login.aspx page. Good luck! Ken.
--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in messagenews:07****************************@phx.gbl...
Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?

Thanks!

.

Nov 19 '05 #4
Hi,

With Forms authentication you have two database tables. All of your user
logins and all the roles each user is in. Check out this link:

http://www.devhood.com/tutorials/tut...utorial_id=433

You can also do a search on "roles-based forms authentication". Forms
authentication is actually what you use when you don't want to use Windows
authentication. The link above will give you the code and the tags I posted
earlier for your web.config file will finish up the job and you'll be all
set to go. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in message
news:13****************************@phx.gbl...
By roles, do you mean roles in Windows? I'm not, I'm
asking in the context of forms authentication only, where
all users are listed in the web.config file.

As long as I can just rely on the application and not
Windows or some other form of authentication, then it's
what I'm looking for.

-----Original Message-----
Hi,

If you are using roles this is really fast to do. Put

this in your
<system.web> section of your web.config file:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"></forms>
</authentication>

<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Then at the top right under <configuration> put in

something like below that
matches what you want to do:

<location path="Members/Administrator">
<system.web>
<authorization>
<allow roles="Administrator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

<location path="Members/Customer">
<system.web>
<authorization>
<allow roles="Customer"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

That gives Administrators access to the

www.mysite.com/members/administrator
folder and Customers access to the

www.mysite.com/members/customer folder.
If someone who isn't in the correct role tries to access

any .aspx files in
those folders they are redirected to the login.aspx page.

Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in

message
news:07****************************@phx.gbl...
Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?

Thanks!

.

Nov 19 '05 #5
Hi,

By the way, the link I posted uses only one database table. You can do it
that way too. I prefer to use two, one for my login credentials and one for
my roles where each user/role combination is given a seperate row that I can
date/time stamp and etc. Ken.

"Ken Dopierala Jr." <kd*********@wi.rr.com> wrote in message
news:u0**************@TK2MSFTNGP10.phx.gbl...
Hi,

With Forms authentication you have two database tables. All of your user
logins and all the roles each user is in. Check out this link:

http://www.devhood.com/tutorials/tut...utorial_id=433

You can also do a search on "roles-based forms authentication". Forms
authentication is actually what you use when you don't want to use Windows
authentication. The link above will give you the code and the tags I posted earlier for your web.config file will finish up the job and you'll be all
set to go. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in message
news:13****************************@phx.gbl...
By roles, do you mean roles in Windows? I'm not, I'm
asking in the context of forms authentication only, where
all users are listed in the web.config file.

As long as I can just rely on the application and not
Windows or some other form of authentication, then it's
what I'm looking for.

-----Original Message-----
Hi,

If you are using roles this is really fast to do. Put

this in your
<system.web> section of your web.config file:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"></forms>
</authentication>

<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Then at the top right under <configuration> put in

something like below that
matches what you want to do:

<location path="Members/Administrator">
<system.web>
<authorization>
<allow roles="Administrator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

<location path="Members/Customer">
<system.web>
<authorization>
<allow roles="Customer"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

That gives Administrators access to the

www.mysite.com/members/administrator
folder and Customers access to the

www.mysite.com/members/customer folder.
If someone who isn't in the correct role tries to access

any .aspx files in
those folders they are redirected to the login.aspx page.

Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"V. Jenks" <an*******@discussions.microsoft.com> wrote in

message
news:07****************************@phx.gbl...
> Using forms authentication, can I control which pages
> and/or directories a user would have access to or is that
> only available with Windows authentication?
>
> Thanks!
.


Nov 19 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Why no 403 error for Forms Auth?
by: Brad | last post by:
Stupid question time: Why does Forms Auth just keep going to the login page when access is denied? A 403 error is never raised..at least in my testing it doesn't. If I have a particular web...
ASP.NET
4
Forms Auth cookie vanishes immediately after login
by: 23s | last post by:
I had this problem in the past, after a server reformat it went away, and now after another server reformat it's back again - no clue what's doing it. Here's the flow: Website root is public, no...
ASP.NET
1
Forms Authentication - Not timing out, not redirecting.
by: AVance | last post by:
Hi, I've come across this scenario in ASP.NET 1.1 with forms authentication where the forms auth doesn't seem to timeout correctly, nor redirect to the login page. I have done some testing, and...
ASP.NET
7
Trouble with forms authentication
by: Justin | last post by:
I am trying to password protect a subdirectory using forms authentication. I am using the "Location" tag to specify the directory to be protected. The login.aspx page is in the root directory of...
ASP.NET
6
Forms auth and session question...
by: Jon | last post by:
If a session times out, but the forms auth is still logged in it's possible for users to go to pages on the site that need those session variables. I was under the impression that using forms auth...
ASP.NET
4
Forms auth for directory
by: dhnriverside | last post by:
Hi guys Ok, I have a website which has an "Artists Only" section, for which you have to login for. This section is contained within its own directory on the server "/aonly". I want to make...
ASP.NET
2
c# forms authentication
by: code | last post by:
Hi, I have stumbled across an interesting problem regarding forms authentication over multiple sub domains. The topic has been covered in various forms online but never really gets a definitive...
ASP.NET
8
Forms Authentication - Really really basic question
by: =?Utf-8?B?TFc=?= | last post by:
Hello! I am just learning about forms authentication so please excuse this basic question. I am using .NET 1.1 and C#. I have created my web.config file and my login.aspx and the associated cs...
ASP.NET
4
Forms Authentication Across Applications
by: =?Utf-8?B?RmFyaWJh?= | last post by:
It know that we can use the following method http://msdn2.microsoft.com/en-us/library/eb0zx8fc.aspx to form authenticate across multiple applications. I have created an asp.net application...
ASP.NET
0
forms based auth question
by: tagg3rx | last post by:
Hi All, I'm trying to get forms based auth up and working and I'm running into a little snag. My login page needs to access css files and images in my application and when I enable the...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!