Re: Forms authentication for HTML files

From: Eric Newton (ericnewton76_at_hotmail.com)
Date: 08/15/03

• Next message: Eric Newton: "Re: Newbie Hello World Authentication Issue"
• Previous message: Eric Newton: "Re: Secure Database-Driven output to Web-Controls like Repeater"
• In reply to: John Virgolino: "Forms authentication for HTML files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 15 Aug 2003 14:57:49 -0400

You could map HTML files in IIS admin to the aspnet handler,

or, a better way, you could utilize a helper ASPX that takes the html file's
path and simply spits it out verbatim, and since the ASPX page runs under
the Authentication routines, it would properly restrict access.

HTH

-- 
Eric Newton
eric@ensoft-software.com
C#/ASP.net Solutions developer
"John Virgolino" <jvirgolino@consulvation.com> wrote in message
news:%23wDuFM5XDHA.2476@tk2msftngp13.phx.gbl...
> Is it possible to protect access to "regular" HTML files mixed in with
ASPX
> files.  After implementing forms authentication, I was able to get right
to
> an HTML page without any problems (not what I want).  I then renamed it to
> an ASPX file and it redirected to the login page (what I do want).
>
> I assume this is because there is no "intelligence" behind HTML.  However,
I
> would like to use the built-in authentication capability for all types of
> pages.  Any suggestions or am I missing something?  I have included
portions
> of web.config below.
>
> Thanks,
> John Virgolino
>
> <location path="app">
>
> <system.web>
>
>     <authorization>
>
>         <deny users="?" />
>
>     </authorization>
>
> </system.web>
>
> </location>
>
>
>
> <authentication mode="Forms">
>
>     <forms name=".myauth" loginUrl="login.aspx" protection="All" path="/"
/>
>
> </authentication>
>
> <authorization>
>
>     <deny users="?" />
>
> </authorization>
>
>

---

• Next message: Eric Newton: "Re: Newbie Hello World Authentication Issue"
• Previous message: Eric Newton: "Re: Secure Database-Driven output to Web-Controls like Repeater"
• In reply to: John Virgolino: "Forms authentication for HTML files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: Protecting Web Files from Direct Access ... built-in security of a kind. ... Forms Authentication automatically redirects users who access pages on your ... I'm trying to figure out how to rewrite an HTML ... page so that it performs the function of the HTML whilst being an ASPX page. ... (microsoft.public.dotnet.security) RE: HTML file server side includes plus forms authentication ... For the .html hyperlinks generated by your DLL you write an HTTP Handler ... that does an URL rewrite from .html to .aspx. ... > authentication to control access to particular directories/applications. ... (microsoft.public.dotnet.framework.aspnet) RE: Protecting Web Files from Direct Access ... If you want that those files take part in the ASP.NET security infrastructure - you have to make them pass the .NET runtime. ... Forms Authentication automatically redirects users who access pages on your ... every one of the pages has the filename extension ASPX. ... filename extension HTML are not protected. ... (microsoft.public.dotnet.security) Forms authentication for HTML files ... Is it possible to protect access to "regular" HTML files mixed in with ASPX ... After implementing forms authentication, I was able to get right to ... (microsoft.public.dotnet.framework.aspnet.security) Re: Draw Images on fly ... An HTML document is pure text. ... Now, my original message said to use an ASPX page, *not* an ASCX UserControl ... and display it,the image is shown but the main page's contenttype turn to ... (microsoft.public.dotnet.framework.aspnet)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)