.net - Path Access In Web.config Without Using Forms Authentication?

Oct 14, 2010

I am required to control access to a specific file on our server. I suggested, for the time being (rather than affording time for other routes until we can), that we simply use the web.config to lock this file down to everyone by means of a location/system.web/authorization setting.

This soon failed to protect the resource and I quickly became aware why (I think). It is a public site and is not using Forms authentication (currently just defaulting to Windows).

So, for clarity, here are the relevant parts the config file...

<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Windows"/>
</system.web>
<location path="thefile.extension">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
</configuration>

Can I secure this resource without turning on Forms authentication? Or can I turn authentication on but never actually require authentication to occur, by allowing all resources but the ones explicitly stated, or by explicitly stating all allowed and denied resources?

View 1 Replies


Similar Messages:

Security :: Forms Authentication In Web.config / Access To Folder Be Made Via Login Form?

May 28, 2010

i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config

<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>

Then this to restrict folder

<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>

the problem is that when the user login with valid information the website return to the login form.

View 7 Replies

Security :: Authentication And IP Access Through Web.config?

Mar 30, 2011

I need to put windows authentication on a site (so when a user access the site they are prompted with a username/password box) but I need certain IP addresses to bypass this authentication.

View 2 Replies

Access Path Denied - Is There Any Format To Set The Path As String

Feb 13, 2010

I had applied the following code as said by you :

byte[] b = YourByteArrayFromDb;
File.WriteAllBytes(MyFilePath, b);

But I am receiving an exception "Access to the path is denied". How do I solve this using ASP.Net with C#? And is there any format to set the path as string?

View 3 Replies

Get Error "The Configuration For Physical Path C:Web.Config Cannot Be Opened" While Decrypting The Web.config

Mar 25, 2010

aspnet_regiis.exe -pdf "connectionStrings" c:web.config And this is the error I got. Error - "The configuration for physical path 'C:Web.Config' cannot be opened. And the permissions of that file is not read only.

View 2 Replies

Web Forms :: Set Authentication Level's In Web Config?

Jan 11, 2010

how to set authentication level's in web config.

View 3 Replies

Security :: Authentication Method - Enable Anoymous Access And Basic Authentication?

Jul 14, 2010

This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.

View 3 Replies

Security :: Set Forms Authentication To Website To Web.config File?

Mar 8, 2010

when i set forms authentication to my website to web.config file as

<authentication mode ="Forms">
<forms
loginUrl="login.aspx"></forms><authentication><authorization><deny
users="?"/></authorization>

and login button ,i write the following code

FormsAuthentication.RedirectFromLoginPage("login",
false);

and logout button ,i write the following code

FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();

it works but when i press browser back button after logout button click

it maintains the page history and the page will redirect to last requested page

View 7 Replies

Security :: Redirect From Web.config When Forms Authentication Failed?

Mar 7, 2011

I am using forms authentication to authenticate users. Application has multiple folders and one of the folders has its own web.config

[Code]....

I want to redirect the user to "info.aspx" instead of "login.aspx"Root has the following web config

[Code]....

View 8 Replies

Security :: Dotnetzip < Access To The Path Is Access Denied

Oct 5, 2010

I trying dotnetzip on localhost everything works fine.but on a real dotnet hosting it raises error :

Access to the path 'C:inetpubvhostslahblah.comsubdomains
aporhttpdocsDotNetZip-luqevaxu.tmp' is denied.
using (ZipFile zip = new ZipFile(Server.MapPath("~")+"/a.zip"))
{
zip.AddFile(Server.MapPath("~")+"/deneme.txt");
zip.Save();
}

View 1 Replies

Configuration :: Forms Authentication - Unable To Save Web.config Programmatically

Feb 24, 2011

im using visual studio 2008. in my project im using forms authentication,my project structure is as follows

root
|
login.aspx
home.aspx
web.config
admin (folder)
|
admin.aspx
web.config

root web.config is as follows

[Code]....

and inner web.config is

[Code]....

and my users are

Username Role
admin1 Admin
admin2 Admin
user1 User
user2 User

as you can see that in second web.config, i gave access to users with "Admin" role and "user1" user.

for giving access to "admin" folder, i wrote the following:

[Code]....

and saved the web.config as

[Code]....

this is working fine when i run it from visual studio development server, when i host it in IIS, im getting the following error

[Code]....

here the problem is, it is not able to save the web.config i got one solution, that is, i added

[Code]....

View 1 Replies

Security :: Login SSL Confusion / Forms Authentication Section In The Web.config To Use SSL?

Apr 15, 2010

I have a few pages that need to use SSL and I am confused bc I read you should set the forms authentication section in the web.config to use SSL. so if this is the case, the user logs in (login page is using ssl) the forms auth cookie is created and now if i redirect to the non ssl enable home page, does this mean the auth cookie will not be transmitted, so i can't display like a welcome module or know the username of the user who logged in?

View 6 Replies

Configuration :: Using Location Path In Web.Config?

Jul 8, 2010

I wanted to impose specific timeout interval and request length on some specific pages that uploads documents of size up to 50MB. Hence I did the following config changes after going through some sites.

<location path="Upload.aspx" >
<httpRuntime maxRequestLength="51200"/>
<httpRuntime executionTimeout="36000"/>
</location>

I keep getting error when I run the application. I tried various other ways like giving the complete path like <sitename>/<applicationname>/<v.folder name>/<filename>.I tried this on both IIS 6.0 and IIS 7.0.

View 8 Replies

C# - Setting Log File Path In App.config?

Mar 5, 2010

I have one requirement that i have to place the log file in the same directory of solution. That is my solution is placed in [drive]workProject1solution file. But i have to create my log file to [drive]workProject1Loglog.log. How it can be set in app.config file.

View 1 Replies

Web Forms :: Access To The Path '\192.168....c' Is Denied?

Apr 19, 2010

Server Error in '/ATM HARDEWARE REPORT_web app' Application.Access to the path '\192.168....c' is denied. Description:An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.Exception Details: System.UnauthorizedAccessException: Access to the path '\10.50.168.7c' is denied.ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.Source Error:

[Code]....

Line 14: fs.Close()
Line 15: ' Ensure that the target does not exist.
Line 16: File.Delete(path2)
Line 17:
Line 18: ' Copy the file.

View 3 Replies

C# - How To Get The Value Of The Authorized Users From The Location Path In Web.config

Oct 2, 2010

This is part of my web.config

<location path="Secure">
<system.web>
<authorization>
<allow users="SecureUsers" />
</authorization>
</system.web>
</location>

I want to be able to search for path of Secure and find out the user role that is specified. My input is the path, such as "Secure" and the value I'm trying to retrieve is "SecureUsers".

View 1 Replies

Specify More Than One Directory In Web.Config's Location Path Element?

Jan 5, 2011

In my ASP.NET's Web Config file I have the following location elements defined:

<location path="">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="dir1">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<location path="dir2">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>

The example above is specifying that all directories will be locked down to anonymous users except the two directories dir1 and dir2. I'm curious if there is a syntax that I can use that will allow me to define more than one directory within one location element. For example, it would be convenient if we could do something like this...

<location path="dir1,dir2,etc">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>

View 1 Replies

Configuration :: Get The File Path Test.config?

Mar 9, 2011

[Code]....

[Code]....

I want to I get the file path test.config.How do find the the path to that file ?I tried something this but it appears an error:Object reference notes Set to an instance of an object.

View 2 Replies

Web Forms :: Error - Access To The Path Is Denied

Mar 10, 2010

i have a website in my local PC that works fine, i deployed on the windows server 2003 and all the pages are working but the checkout page.

View 1 Replies

Web Forms :: Access Denied To Path On File.delete

Apr 26, 2010

I am getting the access denied error while trying to delete file using the file.delete() method even though i have set permitted full control to NETWORK SERVICES user and IUSER_(user_name) and ASP.NET Machine Account users on the folder that contains the file to be deleted.

My page also allows files to be uploaded(to the same folder) and that part works perfectly fine but I get this UnauthorisedAccessException when I try to delete it at app runtime...pls do help me out folks..cant believe this error has taken my whole day..

View 3 Replies

C# - Dynamically Switch WCF Web Service Reference URL Path Through Config File

Feb 18, 2011

dynamically switch WCF web service reference URL path through config file. how do you do this?

View 3 Replies

Regular Expression On Web.config Location Path Attribute (with Parameters)?

Jun 30, 2010

Is there any way of doing something like this?

<location path="/(view|edit)post.aspx?id=[7-9][0-9]+">
<system.web>
<authorization>
<allow roles="AdminPublishers"/>
<deny users="*"/>
</authorization>
</system.web>
</location>

Authorization is just an example. I would like to be able to do other things with those locations.

View 1 Replies

Configuration :: Web.config Differences On Local Machine / Failed To Map The Path '/'

May 23, 2010

I am loading the config file programaticality so that i can edit it but ive hit a hitch in that when i debug it through VS i get the following error:

An error occurred loading a configuration file: Failed to map the path '/'.

My code is:

[Code]....

I use it in other sections of my site and know that it works as intended when it is deployed to my webhost. I am having issues with another section where I use it so I want to step through it to debug, what do I change this "~" to, to correctly reference the config when I am debuging locally.

View 2 Replies

Web Forms :: Find Netapi32.dll / Access File From Shared Path?

Mar 7, 2011

I am trying access a file from shared path and I face this error.

View 3 Replies

Web Forms :: Access To The Path Xxx Is Denied Error When Writing XML File To Folder?

May 23, 2013

 i have a folder in soultion explore that in folder there are some xml file but when write data in c# in xml file,error Access to the path 'E:YavariTCMS-v3TCMSTCMSMDFXMLXMLFile1.xml' is denied. every i remove propertice readeonly from xml or folder that contain xml file ,next tim reade onl true

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved