IIS 6/ASP.NET Website Forms Authentication and Access Control Question

Discussion in 'ASP .Net' started by William F. Zachmann, May 23, 2005.

  1. A web site that will run on Windows Server 2003 and IIS 6.0 needs to provide
    three levels of access, one for the public and two others for two levels of
    subscribers. This is a port of a prior site that runs on an old version of
    the Netscape Web server (which manages user authentication and access). The
    three levels of access are currently served up by three different versions
    of an ISAPI DLL, written in C++, also managed by the Netscape web server.
    The DLL responds to inquiries against a SQL database and directly outputs
    formatted Web pages. It is not practical to re-write the DLL.

    So the challenge is to figure out how best to handle user authentication and
    access control in the new environment. I have got it to the point where the
    site works as it should by putting the three different versions of the DLL
    (which three Netscape managed out of a directory of its own) directly into
    the three main directories associated with the three different levels of
    access, but with only a placeholder page for user authentication and, as
    yet, no access control whatsoever. I have simple replaced the former user
    login (CGI) page with links to the main pages in the directories for the two
    subscriber levels.

    The main question then is: How best to manage user authentication and
    access?

    It looks like this should be possible using ASP.NET forms authentication,
    handling user authentication via a newly written logon page written in C#,
    but I am having a hard time figuring out exactly how to configure the web
    site to do that. I have been experimenting with the forms authentication
    examples in Chapter 8 of Jeff Webb's MCAD/MCSD Self-Paced Training Kit book
    "Developing Web Applications with Microsoft Visual Basic.NET and Visual
    C#.NET" but have not yet been able to tweak things properly to get it
    working in the new site context.

    Secondary questions that have emerged in my process or trial and error
    include:

    How to configure NTFS file settings and IIS 6.0 directory security
    settings when using ASP.NET forms authentication?
    What, if any, settings are required regarding the three different
    versions of the ISAPI DLL?
    How, exactly to, configure the WEB.CONFIG files in the relevant
    directories?

    Any suggestions or pointers to good sources of information would be most
    appreciated.

    All the best,

    will

    William F. Zachmann, President
    Canopus Research Inc.
    http://www.canopusresearch.com
    William F. Zachmann, May 23, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brett Porter
    Replies:
    2
    Views:
    739
    Andrea D'Onofrio [MSFT]
    Jan 20, 2004
  2. Eric
    Replies:
    2
    Views:
    1,379
    Tommy
    Feb 13, 2004
  3. Brett Porter
    Replies:
    2
    Views:
    183
    Andrea D'Onofrio [MSFT]
    Jan 20, 2004
  4. Eric
    Replies:
    2
    Views:
    458
  5. Michael D. Ober
    Replies:
    6
    Views:
    281
    Michael D. Ober
    Oct 30, 2006
Loading...

Share This Page