i loose my authentication ticket, but i am still able to access other pages

J

jrodguitar

If anyone, could help me
I am trying to avoid using cookies (the actual file) but i am appending
the ticket to my URL string.
Purposely, i am not attaching it the ticket to certain pages, just to
check the security.
Unfortunately i can access those pages, but i believe i should not.
I am going from the webpages in the menu folder, to the webpages in the
mypages folder.
I secure each folder in my web app in the web.config file in the
following manner:
<location path="mypages">
<system.web>
<authorization>
<deny users ="?"/>
</authorization>
</system.web>
</location>
<location path="menu">
<system.web>
<authorization>
<deny users ="?"/>
</authorization>
</system.web>
</location>
Any ideas??
J.
 
G

Guest

Elrod,
Rule one of security: Don't make your own security.

IIS web application properties asp.net configuration. Ask in another group
if you still need help.

Good Luck
DWS
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

i loose my authentication ticket, but i am still able to access other web pages 0
How to loop through all the other pages in a pdf using python 3
Authentication Ticket Timeout 5
What am I doing wrong with authentication? 3
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Blocking Direct URL Access through web config 1
Not able to Login after I visit a page which has been excluded from Forms Authentication. 1
Multiple pages for Location tags? 4

Members online

Total: 21 (members: 2, guests: 19)
Robots: 402

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,020
Latest member
GenesisGai

Latest Threads

Top