Strange problem in asp.net 2.0 (work in 1.1)

Discussion in 'ASP .Net' started by Allen Harkleroad, May 21, 2009.

  1. Hi,

    I have a strange problem. We develop CMS solutions and in our asp.net 1.1
    version I can restrict downloads by mapping the file extension to the 1.1
    aspnet_isapi DLL, I also restrict the folder containing the restricted
    download files to prevent direct access to them. I am winning Server 2003
    with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
    2.0 sites running.



    However we migrated our CMS to 2.0 and all is well and works properly except
    the fact that when I map the file extension to the 2.0 aspnet_isapi DLL in
    IIS and restrict the folder as I did in 1.1 logged in users get a timeout
    trying to download the fie, non-logged in users of course get our access
    denied/login as they should.



    If I remove the mapping them any user (non-logged in and logged in) can
    access and download the file.



    In the web.config (Content is the folder containing restricted files (*.zip
    mapped in IIS).



    <location path="Content">

    <system.web>

    <authorization>

    <allow roles="Admins"/>

    <allow roles="Editors"/>

    <allow roles="Subscribers"/>

    <deny users="*" />

    </authorization>

    </system.web>

    </location>



    Is there a change in asp.net 2.0 from 1.1 that I missing? The same routine
    works perfectly in our asp.net 1.1 version.
    Allen Harkleroad, May 21, 2009
    #1
    1. Advertising

  2. There is a document of breaking changes from .NET 1.1 to .NET 2.0. I am not
    sure if this is one of them. If I can find the link (the old one is broken
    now as GotDotNet.com is no longer a supported site), I will post it.

    Perhaps a google search. Thus far I have found:

    http://learn.iis.net/page.aspx/381/aspnet-20-breaking-changes-on-iis-70/

    http://mvolo.com/blogs/serverside/a...ASP.NET-2.0-applications-Integrated-mode.aspx

    The original(s) were a Word doc and a CHM file.

    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    *************************************************
    | Think outside the box! |
    *************************************************


    "Allen Harkleroad" <allen _ mvp at msn dot com> wrote in message
    news:##...
    > Hi,
    >
    > I have a strange problem. We develop CMS solutions and in our asp.net 1.1
    > version I can restrict downloads by mapping the file extension to the 1.1
    > aspnet_isapi DLL, I also restrict the folder containing the restricted
    > download files to prevent direct access to them. I am winning Server 2003
    > with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
    > 2.0 sites running.
    >
    >
    >
    > However we migrated our CMS to 2.0 and all is well and works properly
    > except the fact that when I map the file extension to the 2.0 aspnet_isapi
    > DLL in IIS and restrict the folder as I did in 1.1 logged in users get a
    > timeout trying to download the fie, non-logged in users of course get our
    > access denied/login as they should.
    >
    >
    >
    > If I remove the mapping them any user (non-logged in and logged in) can
    > access and download the file.
    >
    >
    >
    > In the web.config (Content is the folder containing restricted files
    > (*.zip mapped in IIS).
    >
    >
    >
    > <location path="Content">
    >
    > <system.web>
    >
    > <authorization>
    >
    > <allow roles="Admins"/>
    >
    > <allow roles="Editors"/>
    >
    > <allow roles="Subscribers"/>
    >
    > <deny users="*" />
    >
    > </authorization>
    >
    > </system.web>
    >
    > </location>
    >
    >
    >
    > Is there a change in asp.net 2.0 from 1.1 that I missing? The same routine
    > works perfectly in our asp.net 1.1 version.
    >
    >
    Cowboy \(Gregory A. Beamer\), May 21, 2009
    #2
    1. Advertising

  3. Thanks will check them out, if you can find that link it would be great.

    Allen


    "Cowboy (Gregory A. Beamer)" <> wrote in
    message news:...
    > There is a document of breaking changes from .NET 1.1 to .NET 2.0. I am
    > not sure if this is one of them. If I can find the link (the old one is
    > broken now as GotDotNet.com is no longer a supported site), I will post
    > it.
    >
    > Perhaps a google search. Thus far I have found:
    >
    > http://learn.iis.net/page.aspx/381/aspnet-20-breaking-changes-on-iis-70/
    >
    > http://mvolo.com/blogs/serverside/a...ASP.NET-2.0-applications-Integrated-mode.aspx
    >
    > The original(s) were a Word doc and a CHM file.
    >
    > --
    > Gregory A. Beamer
    > MVP; MCP: +I, SE, SD, DBA
    >
    > *************************************************
    > | Think outside the box! |
    > *************************************************
    >
    >
    > "Allen Harkleroad" <allen _ mvp at msn dot com> wrote in message
    > news:##...
    >> Hi,
    >>
    >> I have a strange problem. We develop CMS solutions and in our asp.net 1.1
    >> version I can restrict downloads by mapping the file extension to the 1.1
    >> aspnet_isapi DLL, I also restrict the folder containing the restricted
    >> download files to prevent direct access to them. I am winning Server 2003
    >> with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
    >> 2.0 sites running.
    >>
    >>
    >>
    >> However we migrated our CMS to 2.0 and all is well and works properly
    >> except the fact that when I map the file extension to the 2.0
    >> aspnet_isapi DLL in IIS and restrict the folder as I did in 1.1 logged in
    >> users get a timeout trying to download the fie, non-logged in users of
    >> course get our access denied/login as they should.
    >>
    >>
    >>
    >> If I remove the mapping them any user (non-logged in and logged in) can
    >> access and download the file.
    >>
    >>
    >>
    >> In the web.config (Content is the folder containing restricted files
    >> (*.zip mapped in IIS).
    >>
    >>
    >>
    >> <location path="Content">
    >>
    >> <system.web>
    >>
    >> <authorization>
    >>
    >> <allow roles="Admins"/>
    >>
    >> <allow roles="Editors"/>
    >>
    >> <allow roles="Subscribers"/>
    >>
    >> <deny users="*" />
    >>
    >> </authorization>
    >>
    >> </system.web>
    >>
    >> </location>
    >>
    >>
    >>
    >> Is there a change in asp.net 2.0 from 1.1 that I missing? The same
    >> routine works perfectly in our asp.net 1.1 version.
    >>
    >>
    Allen Harkleroad, May 21, 2009
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sammy
    Replies:
    2
    Views:
    424
    Steven Cheng[MSFT]
    May 18, 2004
  2. Phil Winstanley [Microsoft MVP ASP.NET]
    Replies:
    1
    Views:
    430
    Sammy
    May 17, 2004
  3. craig dicker
    Replies:
    9
    Views:
    672
    Juan T. Llibre
    Jul 7, 2005
  4. Mark
    Replies:
    5
    Views:
    979
  5. Ken
    Replies:
    2
    Views:
    332
Loading...

Share This Page