I am upload the Pdf Files And Save in Folder But any one easily open this folder
http://localhost:8748/Lib/Admin/Files/ like that
And see all the uploaded pdf and click any pdf open this pdf
like that
http://localhost:8748/Lib/Admin/Files/Asp.net_Interview_Questions_and_answers.pdf
So this URL cannot be open what I can restrict this URL .....
I need to restric access to my admin folder to certain people. Those with no authentication ticket should be redirectered to a "not allowed page". How do I identify all pages in my admin folder. I have so far but is it OK?
If url.Contains("/admin") Then
'If authentication ticket incorrect then
`Response.Redirect("~/notallowed_admin.aspx")`
End If
And not, I cannot use my web.config for this particular issue.
I am ristrcting access to the Account folder using below:
<location path="Account">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
and access to the Default.aspx using
<location path="Default.aspx">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
but how do i restrict access to a specific file in the Account folder rather than the entire folder?
I tried the following but did not work
<location path="AccountChangePassword.aspx">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
I have folder in my asp.net website ..namely admin
i have following pages inside admin folder ... login.aspx, home.aspx, welcome.aspx ...
i want if user directly open page ... welcome.aspx or anyother page inside admin folder then it automatically redirect to login.aspx till they login using admin id and pass ...
how to do this setting in web.config...using authorization vb.net
How can I Restrict Access to an specific folder, for example I have a folder that Authenticated users upload different files in it. the problem is that every user can access the files via URL in the browser.I don't use asp.net login controls for authenticating and role memberships, I have written login page and roles my self via code behind.
View 1 Replies[Code]....
Trying to restrict access to folder but can't?
How to restrict folder access in asp.net like i dun want any other to see my Uploads folder in browser by link http://www.myweb.com/Uploads
View 3 RepliesI have created an application with multiple webforms what is the best way to restrict access to particular pages based on what group logged on user is in?
View 6 RepliesI'm simply adding to a set of rules on existing rewrite rules for our company website. We have a file that we need to restrict to only our internal IP addresses. The URL is http://oursite.com/internal/index.aspx?u=blahblah and need it restricted to IP ranges 10.1.X.X. I'm adding this and it's not doing anything. Even if I tried to capture all using .* for the pattern, it still ignores it. Is my syntax correct?
<rewrite>
<rules>
...
<rule name="Restrict URL" enabled="true" stopProcessing="true">
[code]...
i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config
<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
Then this to restrict folder
<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
the problem is that when the user login with valid information the website return to the login form.
I am trying to deny access to my 'Admin' folder via web.config. I looked at another answer to a similar question and they recommend using the <location> folder, however when I insert "Admin/" into the path I get the following error:
[Code]....
I have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
the following web.config file is placed in a specific sub-folder on a website. It will allow the user John.Doe to access the pages inside the folder but will deny anonymous users
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web> [code]...
Is it possible to replace users in the following web.config file with certain session variable for example getting the day(sunday, monday, etc) from date and storing it in session("DayVar")
then the code should be something like this for the subfolder monday
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web> [code]...
is this doable ?
just for my testing purpose i know i can define both the connection's outside in a single web config file by different name's and access them in my front end according to it but what if i want to have seprate for both connection's web.config situation is like this see image so i want to access my connections from second web config file how i can do that.
[Code]...
i tired this but its giving error
[Code]....
I am planning to make a membership-oriented website where users are allowed to upload files to their accounts, which have a limited amount of space.I can surely see a code-oriented solution (with a database holding the size of each file), but I was wondering whether it's possible to restrict folder sizes with Windows or ASP.Net (web.config?). I don't really think it's possible through the web.config,
but I'd still like to ask the community.Does anyone know what's the best way to implement the above?
[URL] ....
In above link you clearly describe (How to display directory folder structure).
The path only works when the folder insight the project.
When I put folder outside the project it didn't work. What type of changes I need to made to acces the folder outside the poject. & How can I show other details of files which are including in folders Like. Last Modified Created Date, Modified Date etc..
In the root directory my web.config is doing the job of loggin in people to a website.
I don't need this behaviour in a directortory of the root directory. How do I solve this problem?
This are the authentication thins in my web.config:
[code]....
i am building a member management site for a sports club, i have all the usual feilds
lastName, firstName, address1, address2, address3 ....
but they also want a photo
when i first made the DB i used access 2010 which uses the 2007 file type which supports attachments, however asp.net doesnt support the 2007 format. and the 2003 file type doesnt support attachments, i assume i use the OLE object data type but i have no idea how i get my aspx page "new.aspx" to upload an attachment. plus i want to restrict the file type to *.jpg
I am using the membership provider and am reasonably comfortable that all of my web pages are safe.Some of the pages contain hyperlinks to documents (pdf, xls, etc.) stored in a folder under the root of the web site. I have disabled the ability of users to anonymously list folder contents, but I don't see a way to keep anonymous users from accessing the documents if they know the specific URL for that document. Example; if the document contains a spreadsheet of current sales, I don't want an ex-employee (who captured the URL while working here) to be able to bring up the current document.asswording the documents isn't a good choice because there are hundreds and we'd like to avoid changing them all every time someone leaves, or weekly, or whenever...Is there a way to restrict access to all contents of a web folder to people who have been authenticated?
View 4 RepliesI have an asp.net application. There is a folder in the project that users upload images and files to that folder.
I want to restrict users, that each user sees only his files. How can I do this?
Because files are uploaded in folder, users may access them by browsing file urls.
I have a shared folder with directories on a remote server that I am trying to access with the method System.IO.Directory.GetDirectories(). This folder is based off of the credentials gotten from windows authentication. My problem is that everything works fun when I debug the Web Application in the built in IIS in VS, but when I set it up in IIS V5.1, it tells me that I have an invalid username and password. I am using Visual Studio 2005 on a Microsoft XP SP2 machine.
View 5 RepliesI have a menu in my application (created from the sitemap) which I want available to two user roles. However, there are items on that menu, I want available only to one role or the other. So I have created the following in my sitemap.
[Code]....
Essentially, I want employees with the "TimeUser" role to see the "My Profile" link that goes to the EmpProfile.aspx page, but not the link to the client profile page. However, when an employee logs in, they see both. I am guessing this may be because the "My Account" node which contains them allows both roles. Is there a way around this without duplicating the "My Account" node?
Is there anything missing in IIS 6.0 that prevents me from (Insert into table) using MS-Access?
Explain: The application works fine under Visual Studio 2008 IDE the insert into table works fine with no error, Also I tested with hosting provider and works fine with no problem. but now I have published the same exact app in a dedicated server windows 2003 with
IIS 6.0 .NET framework 2.0 with latest service pack I gave IIS_WPG write/modify access to the folder where MS-Access database is located and database but at the time of insert an error pop-up. I need to install in the Server or settings in the IIS to recognize my MS-Access db is it some office runtime that I am missing. (BTW I am using OLEDB connection string in my C# )
Using System.Data.OleDb;
I can retrieve data off of it with no problem but when I try to insert is when it fails I thought the problem was Access Rights but I do not think is the case.
I am using File upload control to upload image and store images in database
When i browse the image
My file path is D:sampleSlide1.JPG
How to i get the folder name ie 'sample' from above path?
I want to delete a folder in asp.netTo create the folder Directory.CreateDirectory(Path.Combine(Server.MapPath("~/Docs/"), idtxt.Text)); But how I can delete it?
View 1 Replies