Web.Config
-
Hello guys... I know that it's a stupid question but I really don't know how to do... I have my tree folder as follow: wwwroot\Application\ wwwroot\Application\xml\ wwwroot\Application\images\ etc... I have 2 web.config files... one on my main application folder and another on may xml folder. What I want to is just to deny access to my xml folder by using web.config. My main application web.config has this block: (...) <authentication mode="Windows" /> > <authorization> <allow users="*" /> </authorization> (...) and my xml folder web.config are only these lines <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.web> <authorization> <deny users="*" /> </authorization> </system.web> </configuration> So... when I try to access any file on my xml folder the access is granted... If I do this it's enough but if I could force authentication would be great... I don't want authentication by windows, IIS or users on my web.config but authentication from users on my Database... So many questions... thanks a lot! Wender Oliveira .NET Programmer
-
Hello guys... I know that it's a stupid question but I really don't know how to do... I have my tree folder as follow: wwwroot\Application\ wwwroot\Application\xml\ wwwroot\Application\images\ etc... I have 2 web.config files... one on my main application folder and another on may xml folder. What I want to is just to deny access to my xml folder by using web.config. My main application web.config has this block: (...) <authentication mode="Windows" /> > <authorization> <allow users="*" /> </authorization> (...) and my xml folder web.config are only these lines <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.web> <authorization> <deny users="*" /> </authorization> </system.web> </configuration> So... when I try to access any file on my xml folder the access is granted... If I do this it's enough but if I could force authentication would be great... I don't want authentication by windows, IIS or users on my web.config but authentication from users on my Database... So many questions... thanks a lot! Wender Oliveira .NET Programmer
Hi, You can use "form" authentication mode in your main web.config. Here is an articl from MS, http://support.microsoft.com/default.aspx?scid=kb;en-us;308157 Juno MCSD.NET, MCDBA, MCSE ---------------------------------------------------------- Support Team of EasyDotNet, INC. http://www.EasyDotNet.com DataForm.NET - The most powerful data entry web server control for ASP.NET
-
Hello guys... I know that it's a stupid question but I really don't know how to do... I have my tree folder as follow: wwwroot\Application\ wwwroot\Application\xml\ wwwroot\Application\images\ etc... I have 2 web.config files... one on my main application folder and another on may xml folder. What I want to is just to deny access to my xml folder by using web.config. My main application web.config has this block: (...) <authentication mode="Windows" /> > <authorization> <allow users="*" /> </authorization> (...) and my xml folder web.config are only these lines <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.web> <authorization> <deny users="*" /> </authorization> </system.web> </configuration> So... when I try to access any file on my xml folder the access is granted... If I do this it's enough but if I could force authentication would be great... I don't want authentication by windows, IIS or users on my web.config but authentication from users on my Database... So many questions... thanks a lot! Wender Oliveira .NET Programmer
Wouldn't you need to allow users in the XML folder, identify the user at Session_Start set a Session vairable that this user has permissions to view the contents of the XML folder, then modify every page in the XML folder to check the session variable and act accordingly? TF Tim Featherston www.QBSix.com