Page Authentication

[js]

I am building a intranet site that has public and private information
that are rendered by ASP.Net pages. The site is not partitioned into
private/public folders. When users hit the site's URL, no
authentication is needed. When the users click a logon button, a
Windows logon dialog box should show up. Right now the Windows logon
dialog box appears as soon as the browse hit the URL. How can I use
page level authentication, instead of site level authentication without
using ASP.Net Forms authentication provider? The following are
authentication configurations in the IIS6 and ASP.Net web.config:

II6:
Enable anonymous access (disabled)
Integrated Windows authentication (enabled)
Enable default content page (enabled and with main.aspx,
underConstruction.aspx in the list)

Web.config:
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>

 

[Guest]

HI,

We can bypass the Authentication by giving the location in web.config file
like below.
I hope this will work for u.

<location path="Login.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

 

[js]

Thanks for your response. I did as you suggested, but the Windows
logon dialog box still popping up. In addition, when I click on the
Logon button on the main.aspx, I got
Server Error in '/' Application. I am posting my Web.config for your
refence.
--------------------------------------------------------------------------------
Runtime Error
Description: An application error occurred on the server. The current
custom error settings for this application prevent the details of the
application error from being viewed remotely (for security reasons). It
could, however, be viewed by browsers running on the local server
machine.

Details: To enable the details of this specific error message to be
viewable on remote machines, please create a <customErrors> tag within
a "web.config" configuration file located in the root directory of the
current web application. This <customErrors> tag should then have its
"mode" attribute set to "Off".

<!-- Web.Config Configuration File -->
<configuration>
<configSections>
<section name="enterpriselibrary.configurationSettings"
type="Microsoft.Practices.EnterpriseLibrary.Configuration.ConfigurationManagerSectionHandler,

Microsoft.Practices.EnterpriseLibrary.Configuration,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=60c24972b7c20af7" />
<section name="sessionState"
type="System.Web.SessionState.SessionStateSectionHandler,

System.Web, Version=1.0.3300.0, Culture=neutral,

PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="MachineToApplication"
/>
</configSections>

<appSettings>
<add key="safeParameters"
value="OrderID-int32,CustomerEmail-email,ShippingZipcode-USzip" />
</appSettings>

<location path="2validateuser.asp">
<system.web>
<compilation defaultLanguage="c#" debug="true" />
<customErrors mode="Off" />
<authentication mode="Windows"/>
<authorization><allow users="*"/></authorization>
<trace enabled="false" requestLimit="10" pageOutput="false"
traceMode="SortByTime" localOnly="true" />
<sessionState cookieless="true" timeout="20" />
</system.web>
</location>

<enterpriselibrary.configurationSettings
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
applicationName="DMS_ASPX"
xmlns="http://www.microsoft.com/practices/enterpriselibrary/08-31-2004/configuration">
<configurationSections>
<configurationSection xsi:type="ReadOnlyConfigurationSectionData"
name="dataConfiguration" encrypt="false">
<storageProvider xsi:type="XmlFileStorageProviderData" name="XML
File Storage Provider" path="dataConfiguration.config" />
<dataTransformer xsi:type="XmlSerializerTransformerData"
name="Xml Serializer Transformer">
<includeTypes />
</dataTransformer>
</configurationSection>
</configurationSections>
<keyAlgorithmStorageProvider xsi:nil="true" />
<includeTypes />
</enterpriselibrary.configurationSettings>
</configuration>

 

[Guest]

We can do the Windows authentication in several ways, what im doing is im
using the Forms Authentication and Enable anonymous access (enabled) in IIS.
Im getting the username and password , after that im Authenticating the User
using LDAP connection.

when u enable the Integrated Windows Authentication, u cant get rid of the
popup box anyway.

Could you please confirm this

<location path="2validateuser.asp">

is it .asp or .aspx?

Thanks for your response. I did as you suggested, but the Windows
logon dialog box still popping up. In addition, when I click on the
Logon button on the main.aspx, I got
Server Error in '/' Application. I am posting my Web.config for your
refence.
--------------------------------------------------------------------------------
Runtime Error
Description: An application error occurred on the server. The current
custom error settings for this application prevent the details of the
application error from being viewed remotely (for security reasons). It
could, however, be viewed by browsers running on the local server
machine.

Details: To enable the details of this specific error message to be
viewable on remote machines, please create a <customErrors> tag within
a "web.config" configuration file located in the root directory of the
current web application. This <customErrors> tag should then have its
"mode" attribute set to "Off".

<!-- Web.Config Configuration File -->
<configuration>
<configSections>
<section name="enterpriselibrary.configurationSettings"
type="Microsoft.Practices.EnterpriseLibrary.Configuration.ConfigurationManagerSectionHandler,
Microsoft.Practices.EnterpriseLibrary.Configuration,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=60c24972b7c20af7" />
<section name="sessionState"
type="System.Web.SessionState.SessionStateSectionHandler,

 

[js]

It's an classic ASP. I am in the process of converting all ASP to
ASPX. I have not got there yet. Thus the 2validateuser.asp is still
the classic ASP. It seems to me that ASP.Net doesn't like the
<location> element with path attribute in it. As in my Web.config, it
seems all configuration only apply to 2validateuser.asp.