Password protect/Forms authentication method

Discussion in 'ASP .Net' started by sunniyeow@gmail.com, Sep 10, 2005.

  1. Guest

    Hi, My question is regarding password protecting 2 different folders
    inside a single virtual directory using forms authentication method.
    Easier if I illustrate things out...

    - <authentication mode="Forms">
    - Virtual Directory aka Top Level Root = /mysite
    - Inside /mysite I have 2 sub-folders which I want to password protect
    = /adminonly and /memberonly
    - /adminonly is assigned to a single Admin user with a hard-coded pair
    of username and password
    - /memberonly username and password values are taken from a database,
    therefore are dynamic
    - I have 2 separate login pages called
    /mysite/adminonly/adminlogin.aspx and /mysite/memberlogin.aspx

    I have no problems getting things to work for each individual folder
    (therefore my programming codes are correct) BUT I cannot get it to
    work with both sub-folders at the same time under the same virtual
    directory. I am getting very confused with my web.config,
    <authorization>, <location path="adminonly">, <location
    path="memberonly">, etc. settings.

    Please help clear my confusion. Thanks.
     
    , Sep 10, 2005
    #1
    1. Advertising

  2. Hi Sunni,

    What exactly did you mean "BUT I cannot get it to
    work with both sub-folders at the same time under the same virtual
    directory."?

    One more question: was there any reason to have used a separate login page
    for members and admins?

    --
    HTH,
    Rakesh Rajan
    MVP, MCSD
    http://www.msmvps.com/rakeshrajan/



    "" wrote:

    > Hi, My question is regarding password protecting 2 different folders
    > inside a single virtual directory using forms authentication method.
    > Easier if I illustrate things out...
    >
    > - <authentication mode="Forms">
    > - Virtual Directory aka Top Level Root = /mysite
    > - Inside /mysite I have 2 sub-folders which I want to password protect
    > = /adminonly and /memberonly
    > - /adminonly is assigned to a single Admin user with a hard-coded pair
    > of username and password
    > - /memberonly username and password values are taken from a database,
    > therefore are dynamic
    > - I have 2 separate login pages called
    > /mysite/adminonly/adminlogin.aspx and /mysite/memberlogin.aspx
    >
    > I have no problems getting things to work for each individual folder
    > (therefore my programming codes are correct) BUT I cannot get it to
    > work with both sub-folders at the same time under the same virtual
    > directory. I am getting very confused with my web.config,
    > <authorization>, <location path="adminonly">, <location
    > path="memberonly">, etc. settings.
    >
    > Please help clear my confusion. Thanks.
    >
    >
     
    =?Utf-8?B?UmFrZXNoIFJhamFu?=, Sep 10, 2005
    #2
    1. Advertising

  3. Guest

    Hi,

    What I mean by that is...IF I want to only password protect 1
    sub-folder, my programming codes work perfectly. BUT I am not able to
    password protect 2 sub-folders at the same time.

    Regarding the separate login page - no reason other than my own
    preference. But I have indeed thought about this issue too. Maybe if I
    use only 1 single login page, things will work for me?

    Thanks.
     
    , Sep 10, 2005
    #3
  4. Hi,

    You need have only one login page.

    Depending upon the security roles you have specified, you could prevent
    admin from accessing membersonly area etc.

    Let me know if you need more assistance.

    --
    HTH,
    Rakesh Rajan
    MVP, MCSD
    http://www.msmvps.com/rakeshrajan/



    "" wrote:

    > Hi,
    >
    > What I mean by that is...IF I want to only password protect 1
    > sub-folder, my programming codes work perfectly. BUT I am not able to
    > password protect 2 sub-folders at the same time.
    >
    > Regarding the separate login page - no reason other than my own
    > preference. But I have indeed thought about this issue too. Maybe if I
    > use only 1 single login page, things will work for me?
    >
    > Thanks.
    >
    >
     
    =?Utf-8?B?UmFrZXNoIFJhamFu?=, Sep 12, 2005
    #4
  5. Guest

    Hi Rakesh,

    Looks like we're heading in the right direction. Ok on only 1 single
    login page.
    I understand what you mean by assigning different security roles but my
    ..Net skills isn't up to par to pulling that off.

    Yes, it would be great if you can provide me with a sample web.config
    file with the security roles concept based on my requirements.

    Thanks Rakesh for your time.
    -Sun Ni-
     
    , Sep 14, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter Rilling
    Replies:
    1
    Views:
    616
    John Saunders
    Jun 7, 2004
  2. Alan Silver
    Replies:
    7
    Views:
    548
    Alan Silver
    Jan 3, 2006
  3. Ronald S. Cook
    Replies:
    4
    Views:
    1,044
    Erik Funkenbusch
    Mar 13, 2006
  4. Steve R.
    Replies:
    4
    Views:
    146
    Steve R.
    Jun 21, 2004
  5. Stephen Davies

    Forms Authentication to protect .cgi application problem

    Stephen Davies, Dec 30, 2004, in forum: ASP .Net Security
    Replies:
    1
    Views:
    412
    [MSFT]
    Dec 31, 2004
Loading...

Share This Page