Re: Forms Authentication behavior on request denial

From: John Saunders (john.saunders@surfcontrol.com)
Date: 03/29/03

Next message: John Saunders: "Re: Forms Auth root "/" not authenticating sub folders and files"
Previous message: John Saunders: "Re: Managed to Unmanaged security."
In reply to: David Dabbs: "Forms Authentication behavior on request denial"
Next in thread: David Dabbs: "Re: Forms Authentication behavior on request denial"
Reply: David Dabbs: "Re: Forms Authentication behavior on request denial"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "John Saunders" <john.saunders@surfcontrol.com>
Date: Fri, 28 Mar 2003 18:04:26 -0500

You're seeing the expected behavior. This is how Forms Authentication works.

--
John Saunders
Internet Engineer
john.saunders@surfcontrol.com
"David Dabbs" <david@dabbs.net> wrote in message
news:uy$WKBw8CHA.2248@TK2MSFTNGP12.phx.gbl...
> I am not seeing the expected behavior when I configure a resource to be
> deniad to all users.
>
> Here are my root Web.config settings:
>         <customErrors mode="Off"></customErrors>
>        <authentication mode="Forms">
>             <forms loginUrl="/Alumni/Login/default.aspx" name=".KISTOKEN"
> timeout="30"
>                       path="/Alumni/Auth" protection="None"
> requireSSL="false" slidingExpiration="true" />
>         </authentication>
>         <authorization>
>             <allow users="*" />
>         </authorization>
>
> And here are the settings in the protected directory
>
> <authorization>
>     <deny users="*" />
> </authorization>
>
>
> So, when a browser requests /Alumni/Auth/SomePage.aspx what should happen?
>
> a) the user is shown an "unauthorized" page
> b) the user is redirected to the login page configured in the
> <authentication> tag
>
> "B" is happening and I'm expecting A.
>
> Any pointers to documentation that explains this behavior and how to
> configure it otherwise will be greatly appreciated.
>
> David Dabbs
>
>

Next message: John Saunders: "Re: Forms Auth root "/" not authenticating sub folders and files"
Previous message: John Saunders: "Re: Managed to Unmanaged security."
In reply to: David Dabbs: "Forms Authentication behavior on request denial"
Next in thread: David Dabbs: "Re: Forms Authentication behavior on request denial"
Reply: David Dabbs: "Re: Forms Authentication behavior on request denial"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Forms Authentication behavior on request denial
... I am not seeing the expected behavior when I configure a resource to be ... deniad to all users. ... Here are my root Web.config settings: ... And here are the settings in the protected directory ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Activated GPO is not applied
... this is expected behavior when implementing GP Loopback Processing. ... If you want to include user specific settings, make sure that you use merge mode, but keep in mind that the the OU1 GPO will take precedence in case of conflicts... ... Marcin ...
(microsoft.public.windows.group_policy)
Re: How to draw a one-pixel line??
... Loren Pechtel wrote: ... I'm getting a gray mass on the left and the ... expected behavior on the right. ... When I set my display settings really poorly, then I see what you observe. ...
(microsoft.public.dotnet.languages.csharp)
Re: resource acquisition is initialization?
... > use resources but prevent from memory leak should exception occurs. ... > class T is the resource and class User is to use the resource, ... Wasn't this the expected behavior? ...
(comp.lang.cpp)