I have a directory in my website called /MyFiction. It is an installed version of Wordpress for a particular blog and I would like to keep it to where you can only get to it if you're authenticated. I'm an old hat to ASP.NET but with MVC I'm still a newbie....
View 3 Replies
How can I deny access to particular directory in IIS. In Apache I could just add .htaccess file:
Order allow,deny Deny from all
to Logs or cache directory and nobody will allowed to see any content in that directory.
However when I add Web.config:
[Code]....
it works only for files handled by asp and doesn't work for i.e. log.txt.
I don't have access to IIS server, I can only add and change files.
how I can prevent someone from viewing directory list (files) from url?
For example: [URL]... I don't want anyone to see directory list of files under the folder directory by just entering above. I have several project folders for my web app and in each folder, I have a web.config file <authorization><deny users="?" /></authorization> as well as <location> tags. They are working fine from preventing unauthorize access to the .aspx pages and redirecting to login page. But still want to prevent viewing the directory folder.
I have a problem with ASP.NET web configuration file. I want to deny some users or roles to accessing a specific PDF file. I am using ASP.NET membership and role management system. So I added this lines of codes to a Web.config file:
<location path="myfile.pdf">
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
and put it to the directory witch the file is included in it. Now when I run the project in local system I can not access the PDF file wile I login with "admin" role. But when I publish the project on the web server I can not brows the folder but I can view the PDF file when I browse complete path to the PDF file. So:
I can not access : [URL]
but I can view : [URL]
I have a web application that has a configuration folder that houses multiple XML files that are configuration settings for multiple "portals" as you will. I need IIS to have access to them so the "portal" loads (sql connection strings, master page paths) but I want to deny any outside access (url browsing). Here's an example below:
[URL]
I need to restrict access to this file if you're browsing to it but still allow the system access to it so it can parse the "portal" that it's loading.
I am trying to deny access to my 'Admin' folder via web.config. I looked at another answer to a similar question and they recommend using the <location> folder, however when I insert "Admin/" into the path I get the following error:
[Code]....
I have certain pages in my application that are designed to be accessed only by redirect from other pages, and not directly(i.e they must get a query string from other page, otherwise there is an exception).
So I want to prevent users from accessing them by typing the URL, but I want them to be available by redirect.
I have set up a SQL Role and denied SELECT, INSERT, UPDATE, DELETE access to a number of tables.I noticed that a user in this role can create a stored procedure containing a SELECT, INSERT, UPDATE or DELETE statement on the table that I have denied access to.How could I stop the user in the role from being able to create/alter/execute stored procedure which use the tables than I have denied access to?Also, the user in the role needs to be able to execute stored procedure on the tables which they are not denied access to.
View 7 RepliesI have a folder called <mysite>/Pages. This folder is PUBLICIn this folder I have a aspx page called : MySecure.aspx I have on the default.aspx page a hyperlink to the "~/Pages/MySecure.aspx page".I want to limit access to the MySecure page to only those in a Admin role (so no members no guests or www users can see it. I dont want to move MySecure.aspx into a secure folder.This is what I did in the wedconfig
<location path="Pages/MySecure.aspx">
<system.web>
<authorization>
[code]...
I have an internal corporate ASP.NET MVC website.
Requirement(1): When any person is on the network, they can access this site EXCEPT one AD Group (Example: AD_Sales group).
Requirement(2): Also like for example if a person that has the access passes a url (Ex: http://mysite/Home/Index/Product/Letter) to a sales group person, he still should NOT access and need to display a custom message saying "You are not authorised to view this page".
If the scenario is like to issue the access to one AD Group and deny access for all others, it is fairly is. It can done from IIS. I am Wondering how to do this.
i have a web application which can be accessed via intenet the application is running on iis and configured using a router..i m looking for a good solution where i can give access to only authorized computers rest of the computers cannot access the applcation for eg:- if i have a users in office1 in sales dept. and he access the application from his office, so i want to deny the same user or any other user, that he cannot access the same application from home or antwhere else.
View 8 RepliesI have a folder called /Error in the root directory for an ASP.Net site. The site is completely public, so there is no authentication of users. Inside the Error folder, I have a file called errorlog.aspx, where I log unhandled exceptions. I don't want the public to be able to view this file. I created a web.config file inside the Error folder.
[Code]....
However, I'm still able to view errorlog.aspx by typing the URL into the browser. What am I missing?
I have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
My web application need to list the network share information. The return code is '5' after I call NetShareEnum[Netapi32.dll] in windows integrated authentication.
I found that currently I am using Kerberos protocol to authenticate the access users and the token is grenerated with [TokenImpersonationLevel.Impersonation].
Who know how to resolve this problem? Is there any way to get a token with [TokenImpersonationLevel.Delegation] in Kerberos? BTW, I am sure about that the access user has the Access privilege to list the network share in target server.
I have a shared folder with directories on a remote server that I am trying to access with the method System.IO.Directory.GetDirectories(). This folder is based off of the credentials gotten from windows authentication. My problem is that everything works fun when I debug the Web Application in the built in IIS in VS, but when I set it up in IIS V5.1, it tells me that I have an invalid username and password. I am using Visual Studio 2005 on a Microsoft XP SP2 machine.
View 5 RepliesHow to get a primary token to solve a double - hop and be able to access Active Directory [URL]
I don't understand a method A where is ASPX page to set the security mechanism to Anonymous only.
I am trying to access a remote network share from a C# program in asp.net. What I need is something like
function download(dirname)
{
directory = (This is the part I don't know how to do)
[code]...
I am attempting to create a single sign on experience between an asp.net site and a wordpress site using a simple form POST method. I have built a simple php page that uses the native wordpress functions wp_insert_user and wp_signon to create user account in the mysql db and sign them in. In my asp.net 'create new user' page code behind, I'm using the post method of an HttpWebRequest to send the required information to the php page.
It almost works! The new wordpress user is created in the mysql database, but they are not logged in. How can I get wordpress to log them in?Here is my HttpWebRequest
'get the values
Dim fn As String = TxtFirstName.Text
Dim ln As String = TxtLastName.Text[code].....
im a little bit angry, because i realy don't know how i can access a virtual directory a created in the IIS.
For example i created virtual directory called "Images" in the IIS under my default website. The "Images" folder is connected with my physical harddrive "D:Bilder".
Now how do i access this folder from code behind? I really tried everything but i can't load a image from this virtual directory :
I have an ASP.NET page that creates directories, and in another page I upload some files in these folders, but when I upload a file in a directory, the below error appears:
Access to the path 'my path' is denied.
I am developing an asp.net web application. I have to access one of the image in images folder in root directory. I am using following code in my code behind file.
string imageDirectory = HttpContext.Current.Server.MapPath("~/images/");
string imageUrl = imageDirectory + "/img1.bmp";
This works fine in my local machine. My question is does this code work when I move my application to production ?
I would like to use WordPress as my blog engine, but it is based on PHP. I wonder if there is a dot net version of it which provides the same feature as well as the same look.
View 1 RepliesI'm working on a Press Release website that currently has an existing distribution platform built on ASP.NET - the site that I have built is utilizes Wordpress Multi-site and BuddyPress, and I need to share information between Wordpress & the existing ASP.NET CMS. The information that needs to be shared between both platforms is 1) Press release information (which is a custom post type in Wordpress) and 2) The login information. Is there a way to have ASP.NET get the information from the Wordpress MYSQL database? Or is the best way to write a plugin for wordpress that will send information to the ASP.NET each time a new press release is written, and each time a new user account is created. I can go either way - having ASP.NET grab the info, or Wordpress send the info out.
View 1 RepliesIs it possible to integrate a Wordpress blog with ASP.NET If yes, then how?
View 2 RepliesI am trying to automate a few things in wordpress blog, using HttpWebrequest.i have tried to get the login page "http://mywebsite.net/wp-admin"and then try to post with login data on page "http://www.mywebsite.net/wp-login.php"data = "log=admin&pwd=mypassword&wp-submit=Log+In&redirect_to=http%3A%2F%2Fmywebsite.net%2Fwp-admin%2F&testcookie=1"i am not able to login, wat i have discovered is that when using browser the cookies are sent to the server, but using HttpWebrequest the cookies are not sent on post, i am configured a cookiecontainer for the httpwebrequest and works fine other wise,.. and also on "post" the request host also changes to "www.mywebsite.net" and on "get" request it is "mywebsite.net"
View 2 Replies
