Re: Forms based security

From: Charlie Dison (charliedisonONLINE_at_vitalworks.com)
Date: 06/26/04

  • Next message: Charlie Dison: "Re: Forms based security" 
    Date: Sat, 26 Jun 2004 20:54:35 GMT

    Ok. that helps. Thanks
    "ranganh" <ranganh@discussions.microsoft.com> wrote in message
    news:985ABE3F-3E97-4557-93E8-1EDE5C89D06F@microsoft.com...
    > Dear Charlie,
    >
    > You don't need to arrange the authenticated pages inside a folder. You
    can specify the pages (say if they are minimum 5 pages etc.,) using location
    path. in that, you can also specify to allow the users, for whom you gave
    an userid. the following illustration shows the same:-
    >
    > <location path="ProtectedPage1.aspx">
    > <system.web>
    > <authorization>
    > <allow users="UserId" />
    > <deny users="*" />
    > </authorization>
    > </system.web>
    > </location>
    >
    > the above, would allow users with the above userid (whatever you give) and
    will deny all other users (anonymous and logged in).
    >
    > however, in case you want to allow users with above userid as well as
    their own userid (logged in), change the <deny users="?" />. this will
    restrict only people
    > who are not logged in.
    >
    > To check whether the user is logged in, use
    >
    > if(User.Identity.IsAuthenticated)
    > {
    >
    > }
    >
    > to get the User's Id, use
    >
    > User.Identity.Name
    >
    > hope it helps.
    >
    > "Charlie Dison" wrote:
    >
    > > Hi there,
    > > In forms based security do I have to arrange pages into
    subdirectories
    > > in order to secure them? I want the public to access my home page and
    > > public content but want to restrict other content only to those for whom
    > > I've granted a userid. Seems like I must organize all the private
    content
    > > into one or more subdirectories. My problem is that I have some content
    > > that should be accessible to both and I hate to have to specify
    directory
    > > names when redirecting. Is there something that I can place in the load
    > > event of each page that checks to see if the user has been authenticated
    > > (checks for the cookie that would have been created)
    > >
    > >
    > >
    > >
    > >
    >

  • Next message: Charlie Dison: "Re: Forms based security"

    Relevant Pages

    • Re: How to setup auto logon
      ... You can specify the UserID and Password using an individual shortcut that ... will have some command switches that includes the userid and its password, ...
      (microsoft.public.access.formscoding)
    • The Microsoft Jet database engine cannot open the file...
      ... If i don't specify a userid an pwd.. ... all permissions under admins group for the whole bang shoot and still no joy. ... Neal Rogers ...
      (microsoft.public.dotnet.framework.aspnet)
    • Urgent....Unsecuring a mdb (access 2000)
      ... If i don't specify a userid an pwd.. ... all permissions under admins group for the whole bang shoot and still no joy. ... Neal Rogers ...
      (microsoft.public.access.security)
    • Specifying Userid/Password in Copy Command
      ... do I specify the userid and password from the 'copy' ... I did not find this in the handful of Windows ...
      (microsoft.public.windows.server.scripting)
    • Re: "Trapping" in ntpd
      ... First of all, if you specify notrap on your restrict line, you don't ... If you specify noquery on your restrict line, you do stop all traps and ... following output after restarting ntpd and running ntptrap immediately ...
      (comp.protocols.time.ntp)