Security :: How To Use Forms Authentication On Specific Aspx Pages

Feb 15, 2010

I want to use the login component with forms authentication, but i don't want to use the whole package. I have a database with users in it, and i create the users manually, through another section of my site. I will authenticate them using my own functions, in the Authenticate event.

But, specifying the forms authentication in web.config, i seem to recall having seen somewhere, that i could add pages that were protected, while the rest of the site wasn't.

How do i do this? Currently, i have only 1 page that i want to protect.

View 2 Replies


Similar Messages:

Security :: How To Turn On And Off Access To Aspx Pages During A Session Using Forms Authentication

Apr 9, 2010

Using VS 2010 RC, VB, and Forms authentication to allow access to the site, depending on the login rights of a user, I want to turn on and off access to certain pages. I can turn on and off buttons to access the pages, but a user can type the page into the url, and it will still go to them.

View 5 Replies

Security :: Security And Authentication - Add Information To That DataBase Only To Specific Members?

Sep 21, 2010

I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.

Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members

View 4 Replies

Security :: Forms Based Authentication Allow Only Specific Users From Database Table?

Oct 1, 2010

I have the following implementation and I'm sure there is an easy way to do what I want to do but I can't figure it out.

1. I use forms based authentication to authenticate to my site

2. I use active directory to authenticate the users

3. I use the Allow Users="xxx" tag to authorize the users limited to the list that can access my site. (e.g.. even though Mary is an AD user she can't access my site unless I put her credentials in the allow users tag in the web.config file)

All is working well but I want to move the users access list (e.g.. <allow users="john" />" from the web.config to a database table so that I can create a user maintenance page for my admins to add and delete user access. For the life of me I can't figure out how to do this and I can't seem to find an article on it either.

[code]....

View 1 Replies

Security :: Login Pages Without Using Forms Authentication?

Oct 18, 2010

I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.

1. user enters name and password and clicks button.

2.If username and password are correct the user is redirected to a webpage with their details.

3.A session is created.

4.The user logouts and the session is deleted.

View 10 Replies

Security :: Forms Authentication On HTML Pages And Images?

Dec 23, 2010

I read that with IIS 7, ASP.NET has become an intrinsic part of IIS instead of an external ISAPI DLL. They say that the main reason for this change is that it's now possible to secure files that previously have not been handled by ASP.NET.

I want to check this out, so I have created a Forms authentication web site and added the following files to it:

Default.aspxLogin.aspxHtmlPage.html

Moreover, I have set the web.config to deny anonymous users and I have enabled Forms authentication in IIS.

Here's my problem:

While the ASPX page perfectly requires me to log in, the HTML page does not. It just yields error 401.2.

So my question is:

What did I do wrong? What is necessary to have HTML files (or images) secured using Forms authentication?

View 13 Replies

Security :: Redirect To Specific Pages After Log In

Mar 24, 2010

I'm no programmer. I am a student majoring in Business Information Systems. My capstone course requires me to develop a web-enabled database that will allow a company to track their projects. I have set it up this far using the 3.5 dynamic data page. My database is fine, however I need to set it up so that Admins can view the entire site and have the ability to edit, view, and delete items, and where users can only edit projects that they are assigned. Is what I'm looking to do possible?

View 4 Replies

Security :: Setting Up Form Authentication For A Specific Folder?

Oct 5, 2010

I have an "Admin" folder in my application that will include pages that I would not like to have anonymous access to. When a user attempts to load a page that resides in this folder, I would like to redirect them to a login page. Here is what I have in my config so far.

[Code]....

[Code]....

View 12 Replies

Security :: Form Level Authentication On Specific Folder?

Oct 27, 2010

Following is my directory structure of my web application which is also configured in IIS as virtual directory

Web Site Root

|MasterPage (file)
|Web Config (file)
|Public Contents (directory)
|ShowNewWallpapers.aspx
|Admin (directory)
| Login.aspx
|WebSiteStat.aspx
|WebConfig file (need form security here)

How is configure my both web configs to solve my issue. currently i am getting following error

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

my root web config has default settings and my Admin directory has following settings

<system.web>

View 2 Replies

Security :: 4 Security Via Windows Authentication - Restrict Access To Safe / UCantSeeMe.aspx

Aug 18, 2010

I'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?

View 1 Replies

Security :: Authentication - Can't Access Editing Pages

Oct 3, 2010

I have a website developed in ASP.NET created by someone else, sitting on another server... until now... a simple(ish) setup with login to update content. The site was zipped up and I was told it would be a simple case of uploading all the files onto the new server. I've managed to upload the site and it works fine... but I can't access the editing pages as it will no longer accept the username and password when I go to login. The host server is running ASP.NET v4 and IIS v7. Hosting is with [URL] so I'm also getting used to their way of doing things.

View 1 Replies

Security :: Form Authentication With Multiple Login Pages?

Mar 10, 2011

I have read the many posts of people trying to use two different login pages: one for users and one for admins. My question is very different. I have a Site.master page with a LoginView and LoginControl. I then have three root level pages Default.aspx, About.aspx, and Contact.aspx that derive from the Site.master. All three pages are set in the web.config to be allowed to all users. I then have a MemberPage in a Member folder which is only accessible to authenticated users. What I want to have happen is to be able to login from either the Default, About, or Contact pages and then be directed to the MemberPage.

View 2 Replies

Security :: How To Add Pages In Form Authentication Sample Code

Mar 7, 2011

how to add pages in the Form Authentication Sample Code. I am required to add a registration form in this Custom Security Solution. It lets me add the .cs files but when I add .aspx file, it gives errors in building. let me know what architecture have they followed? Why they have .resx files?

View 2 Replies

Security :: Create Admin Folder And Pages To Add User ,content ,authentication

Jan 13, 2011

i need some lessons in how to create admin folder and pages to add user ,content ,authentication, etc

View 2 Replies

Security :: Set Only The Login.aspx Free For Authentication?

Jan 25, 2010

i using authentication at my Login.aspx prety fine, but i loss my login page style, color etc.. how i set security for login page Free?

View 1 Replies

Security :: Aspx Pages Login Won't Work

Jun 24, 2010

I developed our feature rich web page which is constantly changing. I'm not much of a programmer but I know HTML and CSS pretty well. I have a need to create a couple of login page for prospects and end users to get to secured content. I put together a page that works perfectly in Microsoft Visual Web developer Express 2010. This includes a login page. Ironically, after learning how to do all this from a book, there is a web page that perfectly chronicles what I am trying to accomplish and the steps to do it. It's here: [URL]

I don't expect you to watch it, but there is a simple aspx page created for login and then users are created and the content is displayed after successful login. It works fine in m development environment, but when I post, nothing. Furthermore, twice in the last two days, after downloading my current site to my hard drive, and then posting back after adding this functionality, my FrontPage forms stopped working. I had to have my website restored from backup. The whole thing makes no sense and I can't find any precedence posted on any user forums. So any testing I do seems to wipe out my navigation structure.

I'm going to establish the site on a different server tonight and see if its configuration. If that works, I'm not sure where to g next. I'd appreciate any thoughts. The worst part is I can't post a test page or my Fropage contact forms stop working.

View 1 Replies

Security :: An .aspx Pages In There Won't Get Served With Login?

Mar 31, 2010

I have a website statistics program that creates .htm pages for viewing. Im trying to keep them in their own folder on the root - "Statistics"After reading many posts I have tried many iterations of:

[code]...

Problem is, an .aspx pages in there won't get served with login, but all the .htm pages will.

View 24 Replies

Security :: Membership And Form Authentication / Logged In user Can See Content Of Pages They're not Suppose To?

Oct 19, 2010

I am having an issue, with the membership and form authentication. I am having a problem where when an logged in user types a url they can see the content of pages they're not suppose to. When the user tries to click on the screen or any ajax fires they are redirected to the main page. What is going on? I have all the items setup in the webconfig properly just wondering what is happening. Also I don't want to use a redirect solution for each page since that is what I thought webconfig was setup for.

View 1 Replies

ASPX Pages Fail Due To FIPS 140 Security Policy?

Mar 18, 2011

I am working on a government site and am having some problems with my local security policy interferring with my web application. There is a setting called "System cryptography: Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms" which is enabled on my server.

Since that has been enabled, most of my aspx pages are returning the error "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms." These pages aren't accessing any cryptographic methods. They do communicate with another database server, but that's it.

My problem is similar to the one described here. However, I don't have the option of disabling this FIPS security setting.

I am using .NET 4.0, IIS 7.0, and Windows Server 2008 R2, if that matters. Has anyone encountered this problem before?

Update

Unfortunately, correcting the machine key element to use a FIPS compliant algorithm did not completely solve my problem. I am still getting the error on alot of my pages.

I found two hotfixes which may be related. I will try to install these and see what happens.

SQL Server Reporting Services R2 hotfix ScriptManager Control hotfix

View 1 Replies

Security :: Authentication Tips While Redirecting From Java (.jsp) To ASPX Page?

Jul 9, 2010

we have an app built in Java and they use a button onclick of it will re-direct to IIS (to our screen)...what kind of authentication should I need to make sure whether user is coming from that Java screen...

View 1 Replies

Security :: Authentication Cookie Persistance To True On A Aspx Website?

Aug 26, 2010

authentication cookie persistance to true on a aspx website,this works great.now I have made an affiliate website (HTML + iframe (same aspx)) and it does not keep my user logged in after closing browser.

View 1 Replies

Security :: Preventing Direct Access To Non .aspx Pages In Protected Folder?

May 24, 2010

In one of my website I need to prevent direct access to non .aspx pages in a protected folder. Authentication works fine if I am going to [URL] but in one case my users are uploading html pages in that folder and if somebody cut and paste [URL]the page can be seen without the authentication process to be activated.

View 6 Replies

Allow Specific Extension In Forms Authentication?

Mar 3, 2011

I am using forms authentication with

<authorization>
<deny users="?" />
</authorization>

However, I want to allow all calls made for specific extension say *.abc.

I tried:

<location path=".abc">
<system.web>
<authorization> [code]....

but wildcards are not allowed.How can I allow *.abc calls to work for all users?Is there any web.config element I can use OR anything I can do in AuthenticateRequest httpmodule?

View 1 Replies

Security :: Associate A Specific User To A Specific Data On The Site?

Mar 14, 2010

I am trying to figure out how to associate a specific user to a specific data on the site, like social networking site.

View 3 Replies

Web Forms :: Marking Specific Pages With A Flag?

Nov 1, 2010

I have a website that has many pages. Half of the pages need to redirect a user to a specific page. The other half DO NOT need to redirect a user. How can I mark a page as needing / not needing redirection without going into each Page_Load and manually writing my code. I was thinking about creating a MasterPage and creating a virtual property called NeedsRedirection and overriding it in the webpages, but I soon realized that the webpages still do not INHERIT from the master page. Any other suggestions as how to mark a page as needing redirection? Can I do this in the markup to make it easy?

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved