Page Authentication

Discussion in 'ASP .Net' started by js, Aug 16, 2005.

  1. js

    js Guest

    I am building a intranet site that has public and private information
    that are rendered by ASP.Net pages. The site is not partitioned into
    private/public folders. When users hit the site's URL, no
    authentication is needed. When the users click a logon button, a
    Windows logon dialog box should show up. Right now the Windows logon
    dialog box appears as soon as the browse hit the URL. How can I use
    page level authentication, instead of site level authentication without
    using ASP.Net Forms authentication provider? The following are
    authentication configurations in the IIS6 and ASP.Net web.config:

    II6:
    Enable anonymous access (disabled)
    Integrated Windows authentication (enabled)
    Enable default content page (enabled and with main.aspx,
    underConstruction.aspx in the list)

    Web.config:
    <authentication mode="Windows" />
    <authorization>
    <allow users="*" />
    </authorization>
     
    js, Aug 16, 2005
    #1
    1. Advertising

  2. HI,

    We can bypass the Authentication by giving the location in web.config file
    like below.
    I hope this will work for u.

    <location path="Login.aspx">
    <system.web>
    <authorization>
    <allow users="*" />
    </authorization>
    </system.web>
    </location>


    "js" wrote:

    > I am building a intranet site that has public and private information
    > that are rendered by ASP.Net pages. The site is not partitioned into
    > private/public folders. When users hit the site's URL, no
    > authentication is needed. When the users click a logon button, a
    > Windows logon dialog box should show up. Right now the Windows logon
    > dialog box appears as soon as the browse hit the URL. How can I use
    > page level authentication, instead of site level authentication without
    > using ASP.Net Forms authentication provider? The following are
    > authentication configurations in the IIS6 and ASP.Net web.config:
    >
    > II6:
    > Enable anonymous access (disabled)
    > Integrated Windows authentication (enabled)
    > Enable default content page (enabled and with main.aspx,
    > underConstruction.aspx in the list)
    >
    > Web.config:
    > <authentication mode="Windows" />
    > <authorization>
    > <allow users="*" />
    > </authorization>
    >
    >
     
    =?Utf-8?B?a2NoYWxsYQ==?=, Aug 17, 2005
    #2
    1. Advertising

  3. js

    js Guest

    Thanks for your response. I did as you suggested, but the Windows
    logon dialog box still popping up. In addition, when I click on the
    Logon button on the main.aspx, I got
    Server Error in '/' Application. I am posting my Web.config for your
    refence.
    --------------------------------------------------------------------------------
    Runtime Error
    Description: An application error occurred on the server. The current
    custom error settings for this application prevent the details of the
    application error from being viewed remotely (for security reasons). It
    could, however, be viewed by browsers running on the local server
    machine.

    Details: To enable the details of this specific error message to be
    viewable on remote machines, please create a <customErrors> tag within
    a "web.config" configuration file located in the root directory of the
    current web application. This <customErrors> tag should then have its
    "mode" attribute set to "Off".

    <!-- Web.Config Configuration File -->
    <configuration>
    <configSections>
    <section name="enterpriselibrary.configurationSettings"
    type="Microsoft.Practices.EnterpriseLibrary.Configuration.ConfigurationManagerSectionHandler,

    Microsoft.Practices.EnterpriseLibrary.Configuration,
    Version=1.0.0.0, Culture=neutral, PublicKeyToken=60c24972b7c20af7" />
    <section name="sessionState"
    type="System.Web.SessionState.SessionStateSectionHandler,

    System.Web, Version=1.0.3300.0, Culture=neutral,

    PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="MachineToApplication"
    />
    </configSections>

    <appSettings>
    <add key="safeParameters"
    value="OrderID-int32,CustomerEmail-email,ShippingZipcode-USzip" />
    </appSettings>

    <location path="2validateuser.asp">
    <system.web>
    <compilation defaultLanguage="c#" debug="true" />
    <customErrors mode="Off" />
    <authentication mode="Windows"/>
    <authorization><allow users="*"/></authorization>
    <trace enabled="false" requestLimit="10" pageOutput="false"
    traceMode="SortByTime" localOnly="true" />
    <sessionState cookieless="true" timeout="20" />
    </system.web>
    </location>

    <enterpriselibrary.configurationSettings
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    applicationName="DMS_ASPX"
    xmlns="http://www.microsoft.com/practices/enterpriselibrary/08-31-2004/configuration">
    <configurationSections>
    <configurationSection xsi:type="ReadOnlyConfigurationSectionData"
    name="dataConfiguration" encrypt="false">
    <storageProvider xsi:type="XmlFileStorageProviderData" name="XML
    File Storage Provider" path="dataConfiguration.config" />
    <dataTransformer xsi:type="XmlSerializerTransformerData"
    name="Xml Serializer Transformer">
    <includeTypes />
    </dataTransformer>
    </configurationSection>
    </configurationSections>
    <keyAlgorithmStorageProvider xsi:nil="true" />
    <includeTypes />
    </enterpriselibrary.configurationSettings>
    </configuration>
     
    js, Aug 17, 2005
    #3
  4. We can do the Windows authentication in several ways, what im doing is im
    using the Forms Authentication and Enable anonymous access (enabled) in IIS.
    Im getting the username and password , after that im Authenticating the User
    using LDAP connection.

    when u enable the Integrated Windows Authentication, u cant get rid of the
    popup box anyway.

    Could you please confirm this

    <location path="2validateuser.asp">

    is it .asp or .aspx?


    "js" wrote:

    > Thanks for your response. I did as you suggested, but the Windows
    > logon dialog box still popping up. In addition, when I click on the
    > Logon button on the main.aspx, I got
    > Server Error in '/' Application. I am posting my Web.config for your
    > refence.
    > --------------------------------------------------------------------------------
    > Runtime Error
    > Description: An application error occurred on the server. The current
    > custom error settings for this application prevent the details of the
    > application error from being viewed remotely (for security reasons). It
    > could, however, be viewed by browsers running on the local server
    > machine.
    >
    > Details: To enable the details of this specific error message to be
    > viewable on remote machines, please create a <customErrors> tag within
    > a "web.config" configuration file located in the root directory of the
    > current web application. This <customErrors> tag should then have its
    > "mode" attribute set to "Off".
    >
    > <!-- Web.Config Configuration File -->
    > <configuration>
    > <configSections>
    > <section name="enterpriselibrary.configurationSettings"
    > type="Microsoft.Practices.EnterpriseLibrary.Configuration.ConfigurationManagerSectionHandler,
    >

    Microsoft.Practices.EnterpriseLibrary.Configuration,
    > Version=1.0.0.0, Culture=neutral, PublicKeyToken=60c24972b7c20af7" />
    > <section name="sessionState"
    > type="System.Web.SessionState.SessionStateSectionHandler,


    > System.Web, Version=1.0.3300.0, Culture=neutral,


    > PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="MachineToApplication"
    > />
    > </configSections>
    >
    > <appSettings>
    > <add key="safeParameters"
    > value="OrderID-int32,CustomerEmail-email,ShippingZipcode-USzip" />
    > </appSettings>
    >
    > <location path="2validateuser.asp">
    > <system.web>
    > <compilation defaultLanguage="c#" debug="true" />
    > <customErrors mode="Off" />
    > <authentication mode="Windows"/>
    > <authorization><allow users="*"/></authorization>
    > <trace enabled="false" requestLimit="10" pageOutput="false"
    > traceMode="SortByTime" localOnly="true" />
    > <sessionState cookieless="true" timeout="20" />
    > </system.web>
    > </location>
    >
    > <enterpriselibrary.configurationSettings
    > xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    > applicationName="DMS_ASPX"
    > xmlns="http://www.microsoft.com/practices/enterpriselibrary/08-31-2004/configuration">
    > <configurationSections>
    > <configurationSection xsi:type="ReadOnlyConfigurationSectionData"
    > name="dataConfiguration" encrypt="false">
    > <storageProvider xsi:type="XmlFileStorageProviderData" name="XML
    > File Storage Provider" path="dataConfiguration.config" />
    > <dataTransformer xsi:type="XmlSerializerTransformerData"
    > name="Xml Serializer Transformer">
    > <includeTypes />
    > </dataTransformer>
    > </configurationSection>
    > </configurationSections>
    > <keyAlgorithmStorageProvider xsi:nil="true" />
    > <includeTypes />
    > </enterpriselibrary.configurationSettings>
    > </configuration>
    >
    >
     
    =?Utf-8?B?a2NoYWxsYQ==?=, Aug 17, 2005
    #4
  5. js

    js Guest

    It's an classic ASP. I am in the process of converting all ASP to
    ASPX. I have not got there yet. Thus the 2validateuser.asp is still
    the classic ASP. It seems to me that ASP.Net doesn't like the
    <location> element with path attribute in it. As in my Web.config, it
    seems all configuration only apply to 2validateuser.asp.
     
    js, Aug 17, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andrew Connell
    Replies:
    1
    Views:
    567
    Natty Gur
    Oct 21, 2003
  2. raj mandadi
    Replies:
    0
    Views:
    447
    raj mandadi
    Dec 22, 2003
  3. Brett Porter
    Replies:
    2
    Views:
    804
    Andrea D'Onofrio [MSFT]
    Jan 20, 2004
  4. Mark
    Replies:
    0
    Views:
    705
  5. Don Juan
    Replies:
    2
    Views:
    339
    Don Juan
    Feb 27, 2009
Loading...

Share This Page