Security ::redirect If A Folder Is Protected By A Web.config File?

Jun 9, 2010

There are some folders in my application that are only accessible by users in certain roles.In order to protect the contents of these folders, I placed web.config files in them which look like so:

[Code...]

Also,in the main web.config file, I have this configured:

[Code...]

However,when I try to access a folder that I'm not authorized to access, I'm not being redirected to unauthorized.aspx page as indicated in the main web.config. Instead,I'm getting sent to the login page.Any idea what I'm doing wrong? Here's the authentication section from the main web.config:

[Code...]

View 6 Replies


Similar Messages:

Security :: Preventing Direct Access To Non .aspx Pages In Protected Folder?

May 24, 2010

In one of my website I need to prevent direct access to non .aspx pages in a protected folder. Authentication works fine if I am going to [URL] but in one case my users are uploading html pages in that folder and if somebody cut and paste [URL]the page can be seen without the authentication process to be activated.

View 6 Replies

Security :: Non-asp Files / Moved The Pages And Files To Other Folders And Set The Web.config File On This Folder?

Jul 1, 2010

I was following the tutorials from this two sites:

http://www.15seconds.com/issue/070104.htm

http://aspnet.4guysfromrolla.com/articles/020404-1.aspx

Following the first site, it had worked but when I´ve moved the pages and files to other folders and set the web.config file on this folder, now it won´t work at all!!!

The file is an *.swf object. I did put the asapi.dll to map the extension on the website root, I´ve put the

[Code]....

on the web.config new folder and on the web.config website´s root.

It won´t work!!! I can access the file directly!!! on the web.config of the folder that contains the file, there is a <deny users="*" /> line.

View 4 Replies

Security :: Redirect From Web.config When Forms Authentication Failed?

Mar 7, 2011

I am using forms authentication to authenticate users. Application has multiple folders and one of the folders has its own web.config

[Code]....

I want to redirect the user to "info.aspx" instead of "login.aspx"Root has the following web config

[Code]....

View 8 Replies

Security :: Configuring Web.config For A Folder That Requires Logging In?

Jun 13, 2010

I have a problem configuring web.config file. In root directory I have a web site that doesn't require logging in to be viewed (public section of the web site) and I also have a folder ("Administration") that needs logging in to get access to it. Login.aspx is located in folder "Administration".

The question is how to properly set up the web.config to connect Administration/Login.aspx with Administration/Default.aspx. I tried editing web.config in root directory by adding the following lines, but it only shows me Login.aspx and it redirects me to the public section:

[Code]....

Do I also have to add web.config in "Administration" folder and with which parameters?

View 8 Replies

Web Forms :: How To Redirect To Folder(file) Using Role Manager

Dec 28, 2010

I use ASP.NET RoleMembership. I have 3 Roles :

1. "Admin"
2. "Manager"
3. "User"

By default, all new users are in "User" role.

I have 3 folders:

1. auth - "Admin", "User"
2. manager - "Admin", "Manager"
3. Administration - "Admin"

If "Manager" tries to access "auth" folder, it is redirecting to login.aspx page. But because the "Manager" is authenticated already, how to redirect him to "manager" folder instead of Login.aspx page ?

View 5 Replies

Register WebUserControl's On The Web.config File For Sub-app Folder

Jan 5, 2010

I seem to be having a problem with my visual studio 2005/2008 installation or something because it isn't providing any IntelliSense whatsoever for controls registered on web.config files in folders different from the root, but it isn't showing any errors neither. Is this behavior normal?

I have access only to the folder of my sub-app, so I can't modify the root's web.config file. Well I COULD, but I'm NOT allowed to.

What I'm trying is to register some WebUserControl's on the web.config file for sub-app folder, so all the pages in my sub-app can use the WebUserControl's without having to register them on every page, but I'm not getting IntelliSense for those controls registered on the web.config file on my sub-app folder, but I do get IntelliSense if I register them on the root's web.config file. IntelliSense for everything else appears to be working fine.

In the web.config file on my sub-app folder I have something like the following:

[code]....

am I doing something wrong?

Update Now I have upgraded to VS2008 SP1 and the issue persist

View 1 Replies

Security :: Redirect Javascript And CSS URLs To Homepage(Default.aspx) By Web.config?

May 28, 2010

I want to redirect my Javascript and CSS URLs to Homepage(Default.aspx) by web.config or via anyother way in ASP.Net. I tried to try it but I can't able to do this thing. I have already checkout ASP.Net professional book but I can't get any reference for it anywhere.

View 2 Replies

How To Make A Folder Password Protected In IIS

Jun 24, 2010

I have a website that has anonymous authentication enabled. Now for a particular folder I want the users to be logged in with a userid and password. The user id and password is going to be same for everyone.

Eg user id is TEST and Password is answer. How can I do that?

I went in to that folder ->properties->directory security->edit-> And I disabled the anonymous access

But where should I add the User Id and Password? Under which option.

View 5 Replies

Configuration :: Redirect To The Default Login URL As Defined In The Web.config File

Jul 28, 2010

I have what I think is a very common scenario but I've searched quite some time now and can't seem to find the answer! I have a standard web app that has a web.config in the root directory. I have some account management pages in a subdirectory called Accounts. Any timeouts at the root level work fine - the user is redirected to Default.aspx as indicated in my Forms authentication. My problem is when the users are in the Accounts (or any) subdirectory and they go off for coffee and the app times out. On the next click, they get an error saying "Accounts/Default.aspx" cannot be found. And Default.aspx is not there as it sits at the root level. It's trying to redirect them to the default login URL as defined in the web.config file but that doesn't work when the user is sitting in a subdirectory. I don't want to put a default page in this any every sub directory. I have tried putting a web.config file in the subdirectory but it throws the error about machine to application level/IIS.

View 1 Replies

Security :: Forms Authentication In Web.config / Access To Folder Be Made Via Login Form?

May 28, 2010

i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config

<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>

Then this to restrict folder

<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>

the problem is that when the user login with valid information the website return to the login form.

View 7 Replies

WCF / ASMX :: Accessing A Web Service In A Protected Folder?

Dec 31, 2010

I have a web service which is in a folder within my application. This folder is only accesible to certain roles. I use this service in a page on root of the application but I block creation of the javascript or the service definition in the aspx page if the user is not in the role.

The problem is that when anonymous users try to access the page in the root of the application they are prompted for a user name and password. I hope I am clear. The code below is what I have set up in the ASPX page:

[Code]....

View 3 Replies

Making Web.config Password Protected And Use It In Application?

Jun 18, 2010

I want to make my web.config password protected so that external users do not open it. But my application should be able to access. Is there any way to do this?

View 2 Replies

Web.config Location Tag - Want All The Pages Password Protected

Mar 21, 2011

I'm looking to deploy a web app and I have a simple question about the <location> tag of the web.config file. For the moment, I want all the pages to be password protected and I've created a simple login page with the login object. I've put all my .aspx file in a directory called AppMyPages and I've put this in the config file:

<location path="AppMyPages">
<system.web>
<authorization>
<allow roles="tester" />
[code]...

View 1 Replies

Security :: Windows Authentication - Get Role Security In Web Config File To Coincide With Controls

Apr 6, 2010

We use Sharepoint to control our websites. We build the sites, then load them into the sharepoint server. My question is if I use windows authentication, how can I get my role security in my web config file to coencide with the asp.net controls that use the Forms authentication. Is there a differenence? Our security uses a session variable for security but there is no where to set up their permissions except in active directory. I hope this makes sense because I would like to implement the LoginView with Role groups but how can I give them the role="administrator"? Do I have to go into active directory and give them these permissions(would take awhile due to the size of the company)? Or do I have to set up priveladges in the web.config file for each user(difficult I think)?

View 5 Replies

Security :: Specify Password For A Password Protected Ppt File Through Vb.net?

Jan 27, 2010

Am trying to open a .pps/.ppt file through my vb.net code.....due to secure reasons this file is password protected,

However i will not like the end user to put a password when accessing through my application.

Hence i want to pass a password as a parameter while open such a password protected file.

Here is my code.

Reference URL: http://support.microsoft.com/kb/303717/EN-US/
Dim oApp As Microsoft.Office.Interop.PowerPoint.Application
Dim oPres As Microsoft.Office.Interop.PowerPoint.Presentation
Dim objpresset As Microsoft.Office.Interop.PowerPoint.Presentations
oPres = objpresset.Open(filename, Microsoft.Office.Core.MsoTriState.msoCTrue, Microsoft.Office.Core.MsoTriState.msoCTrue, Microsoft.Office.Core.MsoTriState.msoCTrue)

Where can i provide password while opening a ppt file...

View 2 Replies

Web Forms :: How To Access Connection Connection String From Sub Folder Web.config File

Mar 15, 2011

just for my testing purpose i know i can define both the connection's outside in a single web config file by different name's and access them in my front end according to it but what if i want to have seprate for both connection's web.config situation is like this see image so i want to access my connections from second web config file how i can do that.

[Code]...

i tired this but its giving error

[Code]....

View 1 Replies

Security :: How To Encrypt The ConnectionStrings In File Web.config

Mar 15, 2011

I fully followed the steps in this page [URL]

look at the step 5 at "Using the Example Provider in an ASP.NET Application" element , I entered the command "

aspnet_regiis.exe -pe "connectionStrings" -app "/SessionState" -prov "TripleDESProvider"
" at the windows command line, it asked me "The protection provider 'TripleDESProvider' was not found"

I make sure the files keys.snk and keys.txt are in the same folder and the file web.config is correct. Who can tell me the reason for the error and how do I handle with it?

View 2 Replies

Security :: How To Set Anonymous Access To IIS 7 From Web Config File

Aug 30, 2010

I have developed asp.net 2.0 website with crystal report now what my problem is whenever i go to crystal report page its by default going to login.aspx or default.aspx though i didt set any login to my asp.net page..

I talk with my hosting provider they said that the asp.net impersonate is enable..

I think in IIS 7 authentication if i set anonymous access enable, will it work fine?

so i need to know how to enable anonymous access from my webconfig ..

View 3 Replies

Security :: Copy AlI File From Client Machine To Server Folder?

Apr 13, 2010

i have to copy AI file from client machne toserver without use the file upload control.

Can i use Scripting.FileSystemObject ?

View 1 Replies

Web Forms :: Move File From Webserver Folder To Local File System Folder?

Jan 27, 2011

I have requirement to copy or move file from webserver app folder to local file system folder (user selected). How is it possible in ASP.Net.

On my page i have textbox and browse button and user clicks browse button to select folder and there is Copy/Move button and when clicked the files under webserver folder should be move to the user selected folder. The webserver folder path is available to application.

View 1 Replies

Security :: How To Protect Web.config File From External Access

Jun 18, 2010

How to protect our web.config file from external access.

I mean some sort of password protection.

View 3 Replies

Security :: Set Forms Authentication To Website To Web.config File?

Mar 8, 2010

when i set forms authentication to my website to web.config file as

<authentication mode ="Forms">
<forms
loginUrl="login.aspx"></forms><authentication><authorization><deny
users="?"/></authorization>

and login button ,i write the following code

FormsAuthentication.RedirectFromLoginPage("login",
false);

and logout button ,i write the following code

FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();

it works but when i press browser back button after logout button click

it maintains the page history and the page will redirect to last requested page

View 7 Replies

Security :: Encrypting Config File's Connection String And Keys?

Sep 23, 2010

Is aspnet_regiis.exe secure? If i encrypt using aspnet_regiis.exe, will it automatically decrypt the string and wont give any error? Need an insight into this stuff.... Is Rsa the best option or wat? Wat's the best way to encrypt/decrypt programmatically?

View 10 Replies

Security :: How To Limit User To Access Database And Web.config File

May 6, 2010

I know I can use [assembly: FileIOPermission(SecurityAction.RequestRefuse, Unrestricted = true)] to limit user to access disk files, now I hope to limit user to access database and web.config file, how can I do?

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved