HELP: MS PDF "Building Secure ASP.Net Applications" - Forms Auth. and Anonymous Access
From: Mike Kingscott (mike_at_kingscott.f9.co.uk)
Date: 07/01/03
- Next message: Peter McEvoy: "Re: RSACryptoServiceProvider - Decrypting then Encrypting"
- Previous message: www.googlecrack.com: "www.googlecrack.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 1 Jul 2003 08:19:35 -0700
Hi there,
I've been doing some noddy Forms Authentication stuff, got lots of
good information from Google
Groups, 4 Guys From Rolla, etc but got info from the source, namely
Microsoft's PDF mentioned in
the subject (it's at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp?frame=true
, watch for URL-wrap).
Anyhoo, in chapter 8 there's an article that takes you through setting
up Forms authentication (starts on page 164), which I have followed
step by step, and it doesn't work. Here's the thing: the article
explicitly mentions allowing Anonymous Access on the virtual
directory, and when I do that, the app just sends me back to the login
form every time. If I set the security to Integrated Windows
Authentication, it works fine.
Thing is, in the How To guides at the end of the document, they do
another run through of setting it up (starting on page 377), and
forget to mention to set anon access. Of course, I followed this and
surprise, it worked.
So, the question is, do I need anonymous access? Bear in mind that I'm
writing for apps that will be on the Internet, where I won't have
Integrated Windows Authentication set on the site (or maybe I will,
you tell me).
Help?
Kind regards,
Mike K.
- Next message: Peter McEvoy: "Re: RSACryptoServiceProvider - Decrypting then Encrypting"
- Previous message: www.googlecrack.com: "www.googlecrack.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
