Windows Integrated Auth and NTFS security
From: Lorenzo (lorenzo.pena@senomyx.com)
Date: 03/10/03
- Next message: Joseph Geretz: "Re: How to provide Log Off for a Web Application?"
- Previous message: Joost Schipperheijn: "How to decrypt with an RSA public key (at all)"
- Next in thread: Bassel Tabbara [MSFT]: "RE: Windows Integrated Auth and NTFS security"
- Reply: Bassel Tabbara [MSFT]: "RE: Windows Integrated Auth and NTFS security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Lorenzo" <lorenzo.pena@senomyx.com> Date: Mon, 10 Mar 2003 08:53:42 -0800
Hi,
I am having a problem configuring security to subdirectories in an aspx
application, here is the scenario:
1. I have anonymous authentication disabled in IIS, only Integrated
authentication is enabled.
2. web.config: has <authentication mode="Windows" />, <allow users="*" />
3. NTFS security allows the group everyone read access.
4. Using IIS 5 running on Windows 2000 server.
My question is, can I use a new web.config file in a subdirectory to control
access without first having to set the subdirectory as an application?
I have also attempted to only use the one web.config file and then
restricting access via NTFS but that does not work either.
By the way the only way of setting security on the subdirectory is to add
<location> tags in the root web.config file, I would like to not do this
because I have a huge list of subdirectories I would like to secure.
Any help will be appreciated.
- Next message: Joseph Geretz: "Re: How to provide Log Off for a Web Application?"
- Previous message: Joost Schipperheijn: "How to decrypt with an RSA public key (at all)"
- Next in thread: Bassel Tabbara [MSFT]: "RE: Windows Integrated Auth and NTFS security"
- Reply: Bassel Tabbara [MSFT]: "RE: Windows Integrated Auth and NTFS security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
