«

Hi,

I have a strange problem. We develop CMS solutions and in our asp.net 1.1
version I can restrict downloads by mapping the file extension to the 1.1
aspnet_isapi DLL, I also restrict the folder containing the restricted
download files to prevent direct access to them. I am winning Server 2003
with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
2.0 sites running.



However we migrated our CMS to 2.0 and all is well and works properly except
the fact that when I map the file extension to the 2.0 aspnet_isapi DLL in
IIS and restrict the folder as I did in 1.1 logged in users get a timeout
trying to download the fie, non-logged in users of course get our access
denied/login as they should.



If I remove the mapping them any user (non-logged in and logged in) can
access and download the file.



In the web.config (Content is the folder containing restricted files (*.zip
mapped in IIS).



<location path="Content">

<system.web>

<authorization>

<allow roles="Admins"/>

<allow roles="Editors"/>

<allow roles="Subscribers"/>

<deny users="*" />

</authorization>

</system.web>

</location>



Is there a change in asp.net 2.0 from 1.1 that I missing? The same routine
works perfectly in our asp.net 1.1 version.

There is a document of breaking changes from .NET 1.1 to .NET 2.0. I am not
sure if this is one of them. If I can find the link (the old one is broken
now as GotDotNet.com is no longer a supported site), I will post it.

Perhaps a google search. Thus far I have found:

http://learn.iis.net/page.aspx/381/a...ges-on-iis-70/

http://mvolo.com/blogs/serverside/ar...ated-mode.aspx

The original(s) were a Word doc and a CHM file.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

*************************************************
| Think outside the box! |
*************************************************


"Allen Harkleroad" <allen _ mvp at msn dot com> wrote in message
news:##...
> Hi,
>
> I have a strange problem. We develop CMS solutions and in our asp.net 1.1
> version I can restrict downloads by mapping the file extension to the 1.1
> aspnet_isapi DLL, I also restrict the folder containing the restricted
> download files to prevent direct access to them. I am winning Server 2003
> with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
> 2.0 sites running.
>
>
>
> However we migrated our CMS to 2.0 and all is well and works properly
> except the fact that when I map the file extension to the 2.0 aspnet_isapi
> DLL in IIS and restrict the folder as I did in 1.1 logged in users get a
> timeout trying to download the fie, non-logged in users of course get our
> access denied/login as they should.
>
>
>
> If I remove the mapping them any user (non-logged in and logged in) can
> access and download the file.
>
>
>
> In the web.config (Content is the folder containing restricted files
> (*.zip mapped in IIS).
>
>
>
> <location path="Content">
>
> <system.web>
>
> <authorization>
>
> <allow roles="Admins"/>
>
> <allow roles="Editors"/>
>
> <allow roles="Subscribers"/>
>
> <deny users="*" />
>
> </authorization>
>
> </system.web>
>
> </location>
>
>
>
> Is there a change in asp.net 2.0 from 1.1 that I missing? The same routine
> works perfectly in our asp.net 1.1 version.
>
>

Thanks will check them out, if you can find that link it would be great.

Allen


"Cowboy (Gregory A. Beamer)" <> wrote in
message news:...
> There is a document of breaking changes from .NET 1.1 to .NET 2.0. I am
> not sure if this is one of them. If I can find the link (the old one is
> broken now as GotDotNet.com is no longer a supported site), I will post
> it.
>
> Perhaps a google search. Thus far I have found:
>
> http://learn.iis.net/page.aspx/381/a...ges-on-iis-70/
>
> http://mvolo.com/blogs/serverside/ar...ated-mode.aspx
>
> The original(s) were a Word doc and a CHM file.
>
> --
> Gregory A. Beamer
> MVP; MCP: +I, SE, SD, DBA
>
> *************************************************
> | Think outside the box! |
> *************************************************
>
>
> "Allen Harkleroad" <allen _ mvp at msn dot com> wrote in message
> news:##...
>> Hi,
>>
>> I have a strange problem. We develop CMS solutions and in our asp.net 1.1
>> version I can restrict downloads by mapping the file extension to the 1.1
>> aspnet_isapi DLL, I also restrict the folder containing the restricted
>> download files to prevent direct access to them. I am winning Server 2003
>> with IIS 6, both 1.1 and 2.0 are installed properly (we have both 1.1 and
>> 2.0 sites running.
>>
>>
>>
>> However we migrated our CMS to 2.0 and all is well and works properly
>> except the fact that when I map the file extension to the 2.0
>> aspnet_isapi DLL in IIS and restrict the folder as I did in 1.1 logged in
>> users get a timeout trying to download the fie, non-logged in users of
>> course get our access denied/login as they should.
>>
>>
>>
>> If I remove the mapping them any user (non-logged in and logged in) can
>> access and download the file.
>>
>>
>>
>> In the web.config (Content is the folder containing restricted files
>> (*.zip mapped in IIS).
>>
>>
>>
>> <location path="Content">
>>
>> <system.web>
>>
>> <authorization>
>>
>> <allow roles="Admins"/>
>>
>> <allow roles="Editors"/>
>>
>> <allow roles="Subscribers"/>
>>
>> <deny users="*" />
>>
>> </authorization>
>>
>> </system.web>
>>
>> </location>
>>
>>
>>
>> Is there a change in asp.net 2.0 from 1.1 that I missing? The same
>> routine works perfectly in our asp.net 1.1 version.
>>
>>