Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Forms Authentication to protect .cgi application problem

Reply
Thread Tools

Forms Authentication to protect .cgi application problem

 
 
Stephen Davies
Guest
Posts: n/a
 
      12-30-2004
I have enabled forms authentication on an IIS 6 W2k3 server to protect access
to the application files until authenticated.

The actual application apart from the login/logout files is .cgi based so I
have added a “Wildcard Application Map” entry

site properties
home directory tab
Configuration
Application Configuration

to point to the “aspnet_isapi.dll” so that .cgi application files must be
authenticated before they can run.

So far all seems to be working well, direct invocation of the .cgi
application is trapped and redirected to the login screen but after logging
in I am prompted with a download dialog (as if there were no mime type)

1. If I remove the Wildcard Application Mapping the .cgi application runs
2. If I allow users=”*” in the authorization section of the web config (with
the wildcard application mapping in place) it also works perfectly.

On top of this I also have an httphandler routine to perform a URLRewrite to
catch the application logout command, although the symptoms above are exactly
the same when its removed from the web config.

Any help on this would be greatly appreciated.

Regards
Stephen Davies

 
Reply With Quote
 
 
 
 
[MSFT]
Guest
Posts: n/a
 
      12-31-2004
Hello Stephen,

How did you redirect from the logon form to the CGI file? If you code like:

Response.Redirect

or

Server.Transfer

Will it get work?

Luke

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms Authentication to protect a cgi application Stephen Davies ASP .Net Security 13 01-09-2005 09:35 PM
Re: Forms authentication to protect non-aspx files? Peter Rilling ASP .Net 1 06-07-2004 09:15 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM



Advertisments