Hi again,
If I use your piece of code:
<allow users="*">
<deny user=DOMAIN\someusers>
can u give details of error
Doesn't this mean if I had 100 users in the company , I would have to deny
94 users if only 6 of them were allowed to view the page?
I was thinking of something like windows authentication where a window pops
up asking for user/pass when you access the page.
Below is the error message I got after using the web.config file I attempted
to write.
Thanks!
ET
Server Error in '/' Application.
----------------------------------------------------------------------------
----
The "SendUsing" configuration value is invalid.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.
Exception Details: System.Runtime.InteropServices.COMException: The
"SendUsing" configuration value is invalid.
Source Error:
The source code that generated this unhandled exception can only be
shown when compiled in debug mode. To enable this, please follow one of the
below steps, then request the URL:
1. Add a "Debug=true" directive at the top of the file that generated
the error. Example:
<%@ Page Language="C#" Debug="true" %>
or:
2) Add the following section to the configuration file of your
application:
<configuration>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
Note that this second technique will cause all files within a given
application to be compiled in debug mode. The first technique will cause
only that particular file to be compiled in debug mode.
Important: Running applications in debug mode does incur a
memory/performance overhead. You should make sure that an application has
debugging disabled before deploying into production scenario.
Stack Trace:
[COMException (0x80040220): The "SendUsing" configuration value is
invalid.] [TargetInvocationException: Exception has been thrown by the
target of an invocation.] System.RuntimeType.InvokeDispMethod(String name,
BindingFlags invokeAttr, Object target, Object[] args, Boolean[]
byrefModifiers, Int32 culture, String[] namedParameters) +0
System.RuntimeType.InvokeMember(String name, BindingFlags invokeAttr, Binder
binder, Object target, Object[] args, ParameterModifier[] modifiers,
CultureInfo culture, String[] namedParameters) +473
System.Web.Mail.LateBoundAccessHelper.CallMethod(Object obj, String
methodName, Object[] args) +58 [HttpException (0x80004005): Could not access
'CDO.Message' object.]
System.Web.Mail.LateBoundAccessHelper.CallMethod(Object obj, String
methodName, Object[] args) +113
System.Web.Mail.CdoSysHelper.Send(MailMessage message) +1846
System.Web.Mail.SmtpMail.Send(MailMessage message) +153
_ASP.test_req_aspx.Send_Email(Object Sender, EventArgs e) +552
System.Web.UI.HtmlControls.HtmlInputButton.OnServerClick(EventArgs e) +108
System.Web.UI.HtmlControls.HtmlInputButton.System.Web.UI.IPostBackEventHandl
er.RaisePostBackEvent(String eventArgument) +57
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl,
String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain() +1277
----------------------------------------------------------------------------
----
Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET
Version:1.1.4322.573
.NET Follower said:
hi,
<deny users="*"/> <!-- Deny all (other) users ?? -->
u can do as this
<allow users="*">
<deny user=DOMAIN\someusers>
can u give details of error
if u dont specify login page....
where will u redirect the user....
--
Thanks and Regards,
Amit Agarwal
Software Programmer(.NET)
ET said:
Hi again,
Do you absolutely must create some kind of login page for the web.config
file to work? I placed the file in the directory however I kept on getting
the same error message (Server Error in '/'Application). What am I missing?
Thanks again!
ET
my web.config file:
========
<configuration>
<location path="test_req.aspx">
<security>
<system.web>
<customErrors mode="Off"/>
<authorization>
<allow users="DOMAIN\someuser"/>
<deny users="*"/> <!-- Deny all (other) users ?? -->
</authorization>
</system.web>
</security>
</location>
</configuration>
========
David Coe said:
ET -
You have some very valid questions, and I will try to make sense of
what
you are asking.
Yes, you can use the windows domain accounts instead of a database to
authenticate your users. You will need to enable IIS for Windows
authentication, and then in the web.config file, use <authentication
mode="Windows" /> and said:
roles="[comma separated list of
roles]"/><deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
--></authorization> ... you can either list all of the
users
you want to allow/deny access to, or you can list specific roles that you
want to allow access to (ie, administrator).
You have a few options when it comes to configuring access for each
directory. You can either put a web.config file in each directory, or in
your top-level web.config file you can add a <location> element and specify
the directories that you want to allow/deny access to. For instance:
<!--close the system.web element></system.web><location
path="folder_or_file_name"><system.web><authorization><allow users="*"
/><!-- Allow all users --><!-- <allow users="[comma separated list of
users]" roles="[comma
separated list of roles]"/><deny users="[comma separated list of
users]" roles="[comma
separated list of roles]"/>
--> said: