Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Any way to have a .Net application not let a .html document go through unless they have logged in?

Reply
Thread Tools

Any way to have a .Net application not let a .html document go through unless they have logged in?

 
 
Mufasa
Guest
Posts: n/a
 
      04-13-2007
I have a web site with a page on it (index.html) that is used for our
internal users but is on a public web site. Currently the entire directory
is password protected through IIS. Problem is - everybody uses the same User
ID/Password.

So I was going to do the normal Forms Authentication that would force
somebody to log in. Got all that to work. If they enter an invalid
password - all works fine. They log in correctly and it takes them to
index.html.

Problem is, if they go directly to index.html it let's them in. Anyway to
stop this from happening. I have <deny users="?" /> in my web.config.

This is in .Net 2.0 btw.

TIA - Jeff.


 
Reply With Quote
 
 
 
 
Cowboy \(Gregory A. Beamer\)
Guest
Posts: n/a
 
      04-13-2007
You can set up an HttpHandler for the HTML pages that forces the user
through the same authentication process. I would do a search for HTTP
Handler to find examples. This is, in essence, like an ISAPI filter.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com

*********************************************
Think outside the box!
*********************************************
"Mufasa" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I have a web site with a page on it (index.html) that is used for our
>internal users but is on a public web site. Currently the entire directory
>is password protected through IIS. Problem is - everybody uses the same
>User ID/Password.
>
> So I was going to do the normal Forms Authentication that would force
> somebody to log in. Got all that to work. If they enter an invalid
> password - all works fine. They log in correctly and it takes them to
> index.html.
>
> Problem is, if they go directly to index.html it let's them in. Anyway to
> stop this from happening. I have <deny users="?" /> in my web.config.
>
> This is in .Net 2.0 btw.
>
> TIA - Jeff.
>
>


 
Reply With Quote
 
 
 
 
Larry Bud
Guest
Posts: n/a
 
      04-13-2007
On Apr 13, 11:03 am, "Mufasa" <(E-Mail Removed)> wrote:
> I have a web site with a page on it (index.html) that is used for our
> internal users but is on a public web site. Currently the entire directory
> is password protected through IIS. Problem is - everybody uses the same User
> ID/Password.
>
> So I was going to do the normal Forms Authentication that would force
> somebody to log in. Got all that to work. If they enter an invalid
> password - all works fine. They log in correctly and it takes them to
> index.html.
>
> Problem is, if they go directly to index.html it let's them in. Anyway to
> stop this from happening. I have <deny users="?" /> in my web.config.


Why don't you just make index.html a .NET page?



 
Reply With Quote
 
Mufasa
Guest
Posts: n/a
 
      04-13-2007
I don't have control over the html page. It's being done by a secretary
through DreamWeaver.

"Larry Bud" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> On Apr 13, 11:03 am, "Mufasa" <(E-Mail Removed)> wrote:
>> I have a web site with a page on it (index.html) that is used for our
>> internal users but is on a public web site. Currently the entire
>> directory
>> is password protected through IIS. Problem is - everybody uses the same
>> User
>> ID/Password.
>>
>> So I was going to do the normal Forms Authentication that would force
>> somebody to log in. Got all that to work. If they enter an invalid
>> password - all works fine. They log in correctly and it takes them to
>> index.html.
>>
>> Problem is, if they go directly to index.html it let's them in. Anyway to
>> stop this from happening. I have <deny users="?" /> in my web.config.

>
> Why don't you just make index.html a .NET page?
>
>
>



 
Reply With Quote
 
Mufasa
Guest
Posts: n/a
 
      04-13-2007
Thanks. I'll look for that.

"Cowboy (Gregory A. Beamer)" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed)...
> You can set up an HttpHandler for the HTML pages that forces the user
> through the same authentication process. I would do a search for HTTP
> Handler to find examples. This is, in essence, like an ISAPI filter.
>
> --
> Gregory A. Beamer
> MVP; MCP: +I, SE, SD, DBA
> http://gregorybeamer.spaces.live.com
>
> *********************************************
> Think outside the box!
> *********************************************
> "Mufasa" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>>I have a web site with a page on it (index.html) that is used for our
>>internal users but is on a public web site. Currently the entire directory
>>is password protected through IIS. Problem is - everybody uses the same
>>User ID/Password.
>>
>> So I was going to do the normal Forms Authentication that would force
>> somebody to log in. Got all that to work. If they enter an invalid
>> password - all works fine. They log in correctly and it takes them to
>> index.html.
>>
>> Problem is, if they go directly to index.html it let's them in. Anyway to
>> stop this from happening. I have <deny users="?" /> in my web.config.
>>
>> This is in .Net 2.0 btw.
>>
>> TIA - Jeff.
>>
>>

>



 
Reply With Quote
 
Rad [Visual C# MVP]
Guest
Posts: n/a
 
      04-14-2007
On Fri, 13 Apr 2007 13:03:32 -0400, Mufasa wrote:

> I don't have control over the html page. It's being done by a secretary
> through DreamWeaver.
>
> "Larry Bud" <(E-Mail Removed)> wrote in message


Still, she can just rename it to aspx. It would not be any different to her
but it would make a difference on the server
--
Bits.Bytes
http://bytes.thinkersroom.com
 
Reply With Quote
 
Kris Lankford
Guest
Posts: n/a
 
      04-14-2007
Jeff,

Make sure you add the protection="All" and path="/". This should solve your
problem.

<authentication mode="Forms">
<forms name=".Name" loginUrl="~/Login.aspx" timeout="20"
defaultUrl="~/index.html" protection="All" path="/"/>
</authentication>

"Mufasa" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I have a web site with a page on it (index.html) that is used for our
>internal users but is on a public web site. Currently the entire directory
>is password protected through IIS. Problem is - everybody uses the same
>User ID/Password.
>
> So I was going to do the normal Forms Authentication that would force
> somebody to log in. Got all that to work. If they enter an invalid
> password - all works fine. They log in correctly and it takes them to
> index.html.
>
> Problem is, if they go directly to index.html it let's them in. Anyway to
> stop this from happening. I have <deny users="?" /> in my web.config.
>
> This is in .Net 2.0 btw.
>
> TIA - Jeff.
>
>

 
Reply With Quote
 
Mufasa
Guest
Posts: n/a
 
      06-11-2007
This seems to work great. But now I get errors on certain controls -
RequiredFieldValidator and TreeView don't work.

Any thoughts?

"Kris Lankford" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> Jeff,
>
> Make sure you add the protection="All" and path="/". This should solve
> your problem.
>
> <authentication mode="Forms">
> <forms name=".Name" loginUrl="~/Login.aspx" timeout="20"
> defaultUrl="~/index.html" protection="All" path="/"/>
> </authentication>
>
> "Mufasa" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>>I have a web site with a page on it (index.html) that is used for our
>>internal users but is on a public web site. Currently the entire directory
>>is password protected through IIS. Problem is - everybody uses the same
>>User ID/Password.
>>
>> So I was going to do the normal Forms Authentication that would force
>> somebody to log in. Got all that to work. If they enter an invalid
>> password - all works fine. They log in correctly and it takes them to
>> index.html.
>>
>> Problem is, if they go directly to index.html it let's them in. Anyway to
>> stop this from happening. I have <deny users="?" /> in my web.config.
>>
>> This is in .Net 2.0 btw.
>>
>> TIA - Jeff.
>>
>>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Serious issue: parts of my page render as not logged in, parts as logged in. Help! pcloches@gmail.com ASP .Net 1 04-12-2007 12:50 AM
WiFi PC not on LAN unless logged on. matt@mfactortech.com Wireless Networking 11 09-11-2006 03:29 AM
LoginView does not show a logged in user as being logged in keithb ASP .Net 0 02-16-2006 05:20 PM
Unless unless Gábor SEBESTYÉN Ruby 3 06-17-2005 08:54 AM
winxp IE will not let you exit, and my comptuer / other folders will not let you open them. Daniel NZ Computing 2 05-11-2004 02:02 AM



Advertisments