Protecting site content

Discussion in 'ASP .Net Security' started by James, May 7, 2004.

  1. James

    James Guest

    I am using ASP.NET authentication and authorization to protect content in certian portions of a site. Through web.config and other means, I define user roles to access certain directories

    I also want this protection applied to static content (such as html and images). Originally this did not work b/c IIS was not doing a check with ASP.NET when retrieving such content. I updated the Action Mappings for these file extensions so that they were associated with the ASP.NET ISAPI DLL

    It works except for one thing

    The check is not performed when a default document is returned. Meaning, if I go to http://localhost/protected/ my browser displays default.htm (when it should redirect me to login). However, if I go to http://localhost/protected/default.htm I get redirected

    It's obvious that the check is not occuring b/c there is no extension mapping. Can I configure IIS to verify with .NET even if the GET was not for a particular document, but just a directory?
     
    James, May 7, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kevin Spencer

    Re: Protecting Code Behind Pages

    Kevin Spencer, Jul 7, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    405
    Kevin Spencer
    Jul 7, 2003
  2. MrRogers
    Replies:
    19
    Views:
    723
    informant
    May 28, 2004
  3. RainLover
    Replies:
    1
    Views:
    317
    PeterMcC
    Aug 4, 2004
  4. hazz
    Replies:
    6
    Views:
    49,671
    SkyUCHC
    Jun 9, 2010
  5. vinther

    protecting a site using logon

    vinther, May 24, 2004, in forum: ASP .Net Security
    Replies:
    0
    Views:
    101
    vinther
    May 24, 2004
Loading...

Share This Page