basic authentication by code -- help needed!!!

A

ami.turgman

Hi,

I'm working on a content pages web site engine which deifnes 2 types
of security methods.
some of the pages don't need authentication and can be accessed by
everyone, while other pages (the same aspx page- different content)
requires to have Basic Authentication, ie. having the popup window
open at the client, authenticating him before he can view the content.
this behavior is defined by configuration of each content page which
is accessed programatically.

the question- is there a way of having the basic authentication popup
by code? i want to check the page's property, and if this is a basic
authentication page, then i want the popup appear to the user...
i searched and couldn't find anything about this anywhere, i would
really appriciate any help regardng this

Thanks in advance,
Ami.
 
D

Dominick Baier

IIS sends the necessary authentication headers to IE whenever he sees an
HTTP 401 coming from ASP.NET - so yes - you could do:

Response.StatusCode = 401;
Request.CompleteRequest();

have not compiled it - but should work ;)
 
J

Joe Kaplan

Server must also add a "WWW-Authenticate: Basic realm=xxxx" header so that
the browser will know to respond with Basic auth. If client sends an
authorization header, server must check for Basic auth request header,
decode it properly and verify the credentials.

If the credentials are going to be verified against Windows/AD, it is much
more straightforward to just check the basic authentication checkbox and let
IIS do all the work.

Joe K.
 
D

Dominick Baier

i thought it is already configured like that:

"while other pages (the same aspx page- different content)
requires to have Basic Authentication, ie. having the popup window
open at the client, authenticating him before he can view the content.
this behavior is defined by configuration of each content page which
is accessed programatically."
 
J

Joe Kaplan

I couldn't quite tell what he was doing based on what he said. I didn't
know if he wanted to implement the whole basic auth protocol himself or some
hybrid. If he has both anonymous and basic enabled in IIS, then sending a
401 response may be adequate in this case. I've never actually tried that.
:)

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
Help with code 0
Code help please 4
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
How can I view / open / render / display a pdf file with c code? 0
Basic C++ Help 0
Help with Visual Lightbox: Scripts 2
basic beginner help needed 6

Members online

No members online now.
Total: 24 (members: 0, guests: 24)
Robots: 469

Forum statistics

Threads
473,769
Messages
2,569,581
Members
45,056
Latest member
GlycogenSupporthealth

Latest Threads

Top