Hi xenophon,
How are you doing on this issue, have you got any further ideas? If
there're anything else we can help, please feel free to post here. Thanks,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 113841816
| References: <4p********************************@4ax.com>
<OG**************@TK2MSFTNGP10.phx.gbl>
<DR**************@TK2MSFTNGXA01.phx.gbl>
<8p********************************@4ax.com>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From:
st*****@online.microsoft.com (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Wed, 02 Nov 2005 06:42:14 GMT
| Subject: Re: Framework 1.1 Multiple Authentication?
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <Q#**************@TK2MSFTNGXA01.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 132
| Path: TK2MSFTNGXA01.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135429
| NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
|
| Thanks for your response Xenophon,
|
| Unfortunately to hear that you're using cookieless session state which
| means using cookie is not possible in your web application. Because the
| ASP.NET webapplicaiton's forms authentication support only cookie based
| authenticate ticket, if our web application does not use cookie, I'm
afraid
| we have to build our own form based autentication module which will store
| and retrieve authenticate ticket from session state( this is what we used
| to do in some classic ASP app...), we store a identify in session state
| after user login and then check that variable in each page's request to
| validate user.....
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure!
www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
|
|
| --------------------
| | NNTP-Posting-Date: Tue, 01 Nov 2005 12:55:08 -0600
| | From: xenophon <xe******@online.nospam>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | Subject: Re: Framework 1.1 Multiple Authentication?
| | Date: Tue, 01 Nov 2005 13:44:38 -0500
| | Message-ID: <8p********************************@4ax.com>
| | References: <4p********************************@4ax.com>
| <OG**************@TK2MSFTNGP10.phx.gbl>
| <DR**************@TK2MSFTNGXA01.phx.gbl>
| | X-Newsreader: Forte Agent 2.0/32.646
| | MIME-Version: 1.0
| | Content-Type: text/plain; charset=us-ascii
| | Content-Transfer-Encoding: 7bit
| | Lines: 82
| | X-Trace:
|
sv3-bew6JhvVx9oLcRhELIGxliI1rf7309fefGlkpCqU8WZfMYNi5B iJcihbRIcASjA9j6mDUzTi
|
x0i5nwl!Puz0JJTJHTGqofprR1TopTbQjY+PIurZ+0secGlEzs fUJvilAg/AurXLOOBGBArZbNfg
| 2g==
| | X-Complaints-To:
ab***@giganews.com
| | X-DMCA-Notifications:
http://www.giganews.com/info/dmca.html
| | X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
| | X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
| complaint properly
| | X-Postfilter: 1.3.32
| | Path:
|
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfee d00.sul.t-online.de!t-onli
|
ne.de!border2.nntp.dca.giganews.com!border1.nntp.d ca.giganews.com!nntp.gigan
|
ews.com!local01.nntp.dca.giganews.com!news.giganew s.com.POSTED!not-for-mail
| | Xref: TK2MSFTNGXA01.phx.gbl
| microsoft.public.dotnet.framework.aspnet:135314
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Thanks to you and Gustav and Patrick.
| |
| | I am using cookieless sessions and cannot use cookies at all for my
| | clients. How will Forms auth work in that case?
| |
| |
| |
| | n Mon, 31 Oct 2005 04:15:24 GMT,
st*****@online.microsoft.com (Steven
| | Cheng[MSFT]) wrote:
| |
| | >Thanks for Gaurav and Patrick's informative inputs.
| | >
| | >Hi xenophon,
| | >
| | >For providing separate authorization schema for mutiple sub dirs in
| asp.net
| | >web application, generally we have the following two options:
| | >1. Put a separate web.config in each sub dir which need
| formsauthentication
| | >protection. And override the <authorization> section in that
web.config.
| | >Thus, all the pages in that sub dir is protected to that
<authorization
| >
| | >setting.
| | >
| | >2. Use the <location> element as Gaurav has mentioned, this can help
us
| put
| | >the configuration for sub dir in the main web.config so as to avoid
put
| | >multiple sub web.config in each sub dir.
| | >
| | >#Configuration <location> Settings
| |
|
http://msdn.microsoft.com/library/en...figurationloca
| t
| | >ionsettings.asp?frame=true
| | >
| | >Thanks,
| | >
| | >Steven Cheng
| | >Microsoft Online Support
| | >
| | >Get Secure!
www.microsoft.com/security
| | >(This posting is provided "AS IS", with no warranties, and confers no
| | >rights.)
| | >
| | >
| | >
| | >
| | >
| | >
| | >--------------------
| | >| From: "Patrick.O.Ige" <pa********@optusnet.com.au>
| | >| References: <4p********************************@4ax.com>
| | >| Subject: Re: Framework 1.1 Multiple Authentication?
| | >| Date: Sun, 30 Oct 2005 12:27:29 +1100
| | >| Lines: 19
| | >| X-Priority: 3
| | >| X-MSMail-Priority: Normal
| | >| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| | >| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| | >| Message-ID: <OG**************@TK2MSFTNGP10.phx.gbl>
| | >| Newsgroups: microsoft.public.dotnet.framework.aspnet
| | >| NNTP-Posting-Host: d58-105-58-245.dsl.vic.optusnet.com.au
58.105.58.245
| | >| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP10.phx.gbl
| | >| Xref: TK2MSFTNGXA01.phx.gbl
| | >microsoft.public.dotnet.framework.aspnet:134781
| | >| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | >|
| | >| Xenophon try looking through this article at:-
| | >|
http://aspalliance.com/articleViewer.aspx?aId=501&pId=1
| | >| It should guide you.
| | >| Patrick
| | >|
| | >| "xenophon" <xe******@online.nospam> wrote in message
| | >| news:4p********************************@4ax.com...
| | >| >
| | >| > I have a web site with forms authentication and a single logon
page.
| I
| | >| > have 4 subdirectories, each that should be protected by a different
| | >| > username/password combination. For testing purposes, the
| | >| > username/password are hardcoded into the code-behind C# code.
| | >| >
| | >| > How can I write my web.config to make this happen?
| | >| >
| | >| > Thanks.
| | >| >
| | >|
| | >|
| | >|
| |
| |
|
|