Re: asp password

From: Bill Carpenter (bill.carpenter@freeborders.com)
Date: 07/16/02 

From: "Bill Carpenter" <bill.carpenter@freeborders.com>
Date: Tue, 16 Jul 2002 10:06:58 -0400

If you use Forms authentication it will automatically redirect users to a
login page you specify if they are not logged in. This is set up in the
Web.Config You can put the users and their passwords directly in the
Web.Config or you could put them in an xml file or a database.

The relevant sections of Web.config follows

<authentication mode="Forms">

<forms name="logon" path="/" loginUrl="logon.aspx" protection="All"
timeout="10">

<credentials passwordFormat="Clear">

<user name="bill" password="password"/>

<user name="fred" password="whatever"/>

</credentials>

</forms>

</authentication>

<!-- AUTHORIZATION

This section sets the authorization policies of the application. You can
allow or deny access

to application resources by useror role. Wildcards: "*" mean everyone, "?"
means anonymous

(unauthenticated) users.

-->

<!--this will deny all users access unless they are authenticated-->

<authorization>

<!--<allow users="*" />-->

<deny users="?" />

</authorization>

You will need to put code in the logon.aspx section to check users etc.. I
think there is a good bit of stuff in the help files on this try looking up
forms authentication.

Hope this helps.

Bill Carpenter

"wobble" <warren@*nospam*romcard.com> wrote in message
news:eNj2uyBLCHA.1988@tkmsftngp08...
> Not sure where to post this question, if this isnt the correct newsgroup
can
> you please tell me where i should post it please!
>
> i am trying to use asp for a simple name/password login to my site and was
> wondering if anyone could give me any pointers....
>
> thanks in advance
>
> warren
>
>
>

Relevant Pages

  • Re: Authentication login screen appears on both frames of the framset
    ... If you're using forms authentication when a user is not authorized to see a ... page they are automatically redirected to the login page. ... Since both of your frames are checking if the user is authorized they each ... > I am using the authentication and authorization mechanism, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: authorization problems
    ... 401 is status code reserved in RFC for failed server security negotiations. ... your IE would pop up login screen asking for username and password. ... > When I use Windows authentication, response.StateCode can get 401, So I ... >> authorization caused problems. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: get redirect url before login
    ... I suggest using HTTP Module for authentication and authorization. ... all requests will go through one central place where you will be doing ... >> My users who try to access a page before login are ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Form Level Authentication
    ... there is authorization tag which denies access to the pages ... > Which redirects all the pages to login page if not authenticated. ... > Can we open few pages which does not need authentication. ...
    (microsoft.public.dotnet.framework.aspnet)
  • [Full-Disclosure] Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed persona
    ... Weak encryption in game client exposed customer billing and authentication ... encryption for billing information. ... The login binary has undergone several updates since then. ...
    (Full-Disclosure)
Loading