Protecting site content
From: James (anonymous_at_discussions.microsoft.com)
Date: 05/07/04
- Next message: Ken Schaefer: "Re: response.redirect to an HTTPS not working"
- Previous message: Tario Saio: "New Project ASP.NET Error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 6 May 2004 17:46:02 -0700
I am using ASP.NET authentication and authorization to protect content in certian portions of a site. Through web.config and other means, I define user roles to access certain directories.
I also want this protection applied to static content (such as html and images). Originally this did not work b/c IIS was not doing a check with ASP.NET when retrieving such content. I updated the Action Mappings for these file extensions so that they were associated with the ASP.NET ISAPI DLL.
It works except for one thing.
The check is not performed when a default document is returned. Meaning, if I go to http://localhost/protected/ my browser displays default.htm (when it should redirect me to login). However, if I go to http://localhost/protected/default.htm I get redirected.
It's obvious that the check is not occuring b/c there is no extension mapping. Can I configure IIS to verify with .NET even if the GET was not for a particular document, but just a directory?
- Next message: Ken Schaefer: "Re: response.redirect to an HTTPS not working"
- Previous message: Tario Saio: "New Project ASP.NET Error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
