Re: Protect an entire directory (including non-ASP.NET files)

Discussion in 'ASP .Net' started by Xavier MT, Aug 19, 2003.

  1. Xavier MT

    Xavier MT Guest

    You can also use forms authentication in asp.net
    For me it's been great!
    You just define users and roles for those users and use the web.config
    combined probably with an sql server database for users and roles
    It's real easy and secure

    Xavier

    "Scott Schluer" <> wrote in message
    news:erN%...
    > I'm using ASP.NET to build a small application for a company. Can someone
    > clue me in as to how I would go about protecting an entire directory

    within
    > this website? We have VERY sensitive information including documents of

    all
    > types that cannot be compromised. Windows authentication seems to be the
    > best answer, but I need an admin interface that will allow an admin to
    > add/remove users (if we use Windows Authentication the user will need to
    > programatically add/delete NT users -- how do I do this)?
    >
    > Thanks!
    >
    > Scott
    >
    >
     
    Xavier MT, Aug 19, 2003
    #1
    1. Advertising

  2. I was already using forms authentication, however we have a bunch of .PDF,
    ..GIF files, etc. that need to be protected also. Forms authentication by
    default only protects ASP.NET resources (.aspx, .ascx, etc). I implemented
    the scenario you just described (roles-based authentication) on another site
    with great success. The problem here was that I need the entire directory
    protected, not just ASP.NET resources and Windows authentication does a
    great job of that. The other guy that answered my post explained how to add
    other file extentions to the ASP.NET forms authentication by routing those
    requests through the .NET process.

    Thanks for the response!

    Scott


    "Xavier MT" <> wrote in message
    news:...
    > You can also use forms authentication in asp.net
    > For me it's been great!
    > You just define users and roles for those users and use the web.config
    > combined probably with an sql server database for users and roles
    > It's real easy and secure
    >
    > Xavier
    >
    > "Scott Schluer" <> wrote in message
    > news:erN%...
    > > I'm using ASP.NET to build a small application for a company. Can

    someone
    > > clue me in as to how I would go about protecting an entire directory

    > within
    > > this website? We have VERY sensitive information including documents of

    > all
    > > types that cannot be compromised. Windows authentication seems to be the
    > > best answer, but I need an admin interface that will allow an admin to
    > > add/remove users (if we use Windows Authentication the user will need to
    > > programatically add/delete NT users -- how do I do this)?
    > >
    > > Thanks!
    > >
    > > Scott
    > >
    > >

    >
    >
     
    Scott Schluer, Aug 19, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MS News \(MS ILM\)
    Replies:
    1
    Views:
    426
    Scott Schluer
    Aug 19, 2003
  2. Peter Rilling
    Replies:
    1
    Views:
    630
    John Saunders
    Jun 7, 2004
  3. Ronald S. Cook
    Replies:
    4
    Views:
    1,059
    Erik Funkenbusch
    Mar 13, 2006
  4. Luca Villa
    Replies:
    1
    Views:
    111
    Luca Villa
    Nov 10, 2007
  5. ifiaz
    Replies:
    3
    Views:
    265
    ifiaz
    Jan 31, 2009
Loading...

Share This Page