471,108 Members | 1,353 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,108 software developers and data experts.

IIS 6/ASP.NET Website Forms Authentication and Access Control Question

A web site that will run on Windows Server 2003 and IIS 6.0 needs to provide
three levels of access, one for the public and two others for two levels of
subscribers. This is a port of a prior site that runs on an old version of
the Netscape Web server (which manages user authentication and access). The
three levels of access are currently served up by three different versions
of an ISAPI DLL, written in C++, also managed by the Netscape web server.
The DLL responds to inquiries against a SQL database and directly outputs
formatted Web pages. It is not practical to re-write the DLL.

So the challenge is to figure out how best to handle user authentication and
access control in the new environment. I have got it to the point where the
site works as it should by putting the three different versions of the DLL
(which three Netscape managed out of a directory of its own) directly into
the three main directories associated with the three different levels of
access, but with only a placeholder page for user authentication and, as
yet, no access control whatsoever. I have simple replaced the former user
login (CGI) page with links to the main pages in the directories for the two
subscriber levels.

The main question then is: How best to manage user authentication and

It looks like this should be possible using ASP.NET forms authentication,
handling user authentication via a newly written logon page written in C#,
but I am having a hard time figuring out exactly how to configure the web
site to do that. I have been experimenting with the forms authentication
examples in Chapter 8 of Jeff Webb's MCAD/MCSD Self-Paced Training Kit book
"Developing Web Applications with Microsoft Visual Basic.NET and Visual
C#.NET" but have not yet been able to tweak things properly to get it
working in the new site context.

Secondary questions that have emerged in my process or trial and error

How to configure NTFS file settings and IIS 6.0 directory security
settings when using ASP.NET forms authentication?
What, if any, settings are required regarding the three different
versions of the ISAPI DLL?
How, exactly to, configure the WEB.CONFIG files in the relevant

Any suggestions or pointers to good sources of information would be most

All the best,


William F. Zachmann, President
Canopus Research Inc.

Nov 19 '05 #1
0 1860

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by Joey Powell | last post: by
6 posts views Thread by Manny Chohan | last post: by
7 posts views Thread by Justin | last post: by
5 posts views Thread by V. Jenks | last post: by
8 posts views Thread by Stimp | last post: by
6 posts views Thread by William F. Zachmann | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.