.NETGURU
  Search:  
NamespacesDiscussions.NET v1.1Dot Net Guru's BlogIT Certification
forms-authentication
Messages   Related Types
This message was discovered on ASPFriends.com 'aspngsec' list.


gustavo.varo@itau.com.br
I tested the example and i liked very much this way to make security, =
but i didn't understand one thing, inside my project if i have some =
pages that no need be check(no security).

how can i mark the pages that need or not check the security ?

thanks a lot,

[]s,

Gustavo.

-----Original Message-----
From: Scott Mitchell [mailto:Click here to reveal e-mail address]
Sent: segunda-feira, 5 de agosto de 2002 17:12
To: aspngmigrate
Subject: [aspngmigrate] RE: Migrate ASP to ASP.NET

Gustavo, the ASP.NET team has made MANY things much easier in ASP.NET
than it was in classic ASP, and forms-based authentication and
authorization, the situation you've spelled out, is one of those.

To learn more, check out this article:

    Using Forms Authentication in ASP.NET
    http://www.4guysfromrolla.com/webtech/110701-1.shtml

It shows how to provide the functionality you're after in ASP.NET!
Happy Programming!

Scott Mitchell
Click here to reveal e-mail address
http://www.4GuysFromRolla.com/
http://www.ASPMessageboard.com/
http://www.ASPFAQs.com/

* When you think ASP, think 4GuysFromRolla.com!

| -----Original Message-----
| From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
| Sent: Monday, August 05, 2002 9:00 AM
| To: aspngmigrate
| Subject: [aspngmigrate] Migrate ASP to ASP.NET
|
|
| Hello everybody,
|
| I have a web application which users need be logged on the
| app. When i was using classical asp, i used a include that
| check a session variable that contains the name of the user
| and check if that user could be access the page.
|
| If the variable was null the include redirect to a logon
| page, if the user can't be access the include show a msg to
| user telling the user can't be access that page.
|
| Now i'm using asp.net, i would like to know what do you
| suggest for me to do in this case ????
|
| I'm trying to use a web user control, but isaw i have alot
| of limitations with wuc.
|
| Thanks,
|
| Gustavo.
|
| | [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| | http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT
Reply to this message...
 
    
Yannick Smits
Should use the location tag in your web.config file. See:
http://123aspx.com/resdetail.aspx?res=882
hth,
Yannick Smits

<Click here to reveal e-mail address> wrote in message news:694392@aspngsec...

I tested the example and i liked very much this way to make security, but i
didn't understand one thing, inside my project if i have some pages that no
need be check(no security).

how can i mark the pages that need or not check the security ?

thanks a lot,

[]s,

Gustavo.

-----Original Message-----
From: Scott Mitchell [mailto:Click here to reveal e-mail address]
Sent: segunda-feira, 5 de agosto de 2002 17:12
To: aspngmigrate
Subject: [aspngmigrate] RE: Migrate ASP to ASP.NET

Gustavo, the ASP.NET team has made MANY things much easier in ASP.NET
than it was in classic ASP, and forms-based authentication and
authorization, the situation you've spelled out, is one of those.

To learn more, check out this article:

Using Forms Authentication in ASP.NET
http://www.4guysfromrolla.com/webtech/110701-1.shtml

It shows how to provide the functionality you're after in ASP.NET!
Happy Programming!

Scott Mitchell
Click here to reveal e-mail address
http://www.4GuysFromRolla.com/
http://www.ASPMessageboard.com/
http://www.ASPFAQs.com/

* When you think ASP, think 4GuysFromRolla.com!

| -----Original Message-----
| From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
| Sent: Monday, August 05, 2002 9:00 AM
| To: aspngmigrate
| Subject: [aspngmigrate] Migrate ASP to ASP.NET
|
|
| Hello everybody,
|
| I have a web application which users need be logged on the
| app. When i was using classical asp, i used a include that
| check a session variable that contains the name of the user
| and check if that user could be access the page.
|
| If the variable was null the include redirect to a logon
| page, if the user can't be access the include show a msg to
| user telling the user can't be access that page.
|
| Now i'm using asp.net, i would like to know what do you
| suggest for me to do in this case ????
|
| I'm trying to use a web user control, but isaw i have alot
| of limitations with wuc.
|
| Thanks,
|
| Gustavo.
|
| | [aspngmigrate] member Click here to reveal e-mail address = YOUR ID
| | http://www.asplists.com/asplists/aspngmigrate.asp = JOIN/QUIT

| [aspngmigrate] member Click here to reveal e-mail address = YOUR ID
| http://www.asplists.com/asplists/aspngmigrate.asp = JOIN/QUIT
Reply to this message...
 
    
gustavo.varo@itau.com.br
Thanks for your answer,=20
but i didn't get work this [location path]

do you have some example that you tested and worked ?

thanks again,

Gustavo.

-----Original Message-----
From: Yannick Smits [mailto:Click here to reveal e-mail address]
Sent: ter=E7a-feira, 6 de agosto de 2002 15:17
To: aspngsec
Subject: [aspngsec] Re: forms-authentication

Should use the location tag in your web.config file. See:
http://123aspx.com/resdetail.aspx?res=3D882
hth,
Yannick Smits

<Click here to reveal e-mail address> wrote in message news:694392@aspngsec...

I tested the example and i liked very much this way to make security, =
but i
didn't understand one thing, inside my project if i have some pages that =
no
need be check(no security).

how can i mark the pages that need or not check the security ?

thanks a lot,

[]s,

Gustavo.

-----Original Message-----
From: Scott Mitchell [mailto:Click here to reveal e-mail address]
Sent: segunda-feira, 5 de agosto de 2002 17:12
To: aspngmigrate
Subject: [aspngmigrate] RE: Migrate ASP to ASP.NET

Gustavo, the ASP.NET team has made MANY things much easier in ASP.NET
than it was in classic ASP, and forms-based authentication and
authorization, the situation you've spelled out, is one of those.

To learn more, check out this article:

Using Forms Authentication in ASP.NET
http://www.4guysfromrolla.com/webtech/110701-1.shtml

It shows how to provide the functionality you're after in ASP.NET!
Happy Programming!

Scott Mitchell
Click here to reveal e-mail address
http://www.4GuysFromRolla.com/
http://www.ASPMessageboard.com/
http://www.ASPFAQs.com/

* When you think ASP, think 4GuysFromRolla.com!

| -----Original Message-----
| From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
| Sent: Monday, August 05, 2002 9:00 AM
| To: aspngmigrate
| Subject: [aspngmigrate] Migrate ASP to ASP.NET
|
|
| Hello everybody,
|
| I have a web application which users need be logged on the
| app. When i was using classical asp, i used a include that
| check a session variable that contains the name of the user
| and check if that user could be access the page.
|
| If the variable was null the include redirect to a logon
| page, if the user can't be access the include show a msg to
| user telling the user can't be access that page.
|
| Now i'm using asp.net, i would like to know what do you
| suggest for me to do in this case ????
|
| I'm trying to use a web user control, but isaw i have alot
| of limitations with wuc.
|
| Thanks,
|
| Gustavo.
|
| | [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| | http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngsec] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngsec.asp =3D JOIN/QUIT
| http://www.asplists.com/search =3D SEARCH Archives
Reply to this message...
 
    
Daniel Kent
This works for me:

<configuration>
    <location path=3D"file.aspx">
        <system.web>
            <authorization>
                <allow =3D "*">
            </authorization>
        </system.web>
    </location>

<system.web>
...

I hope this helps

Dan.

Professional ASP.NET Security: Out in the next couple of weeks!
http://www.amazon.com/exec/obidos/ASIN/1861006209
(I'm the guy on the right)

-----Original Message-----
From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
Sent: 06 August 2002 20:04
To: aspngsec
Subject: [aspngsec] Re: forms-authentication

Thanks for your answer,=20
but i didn't get work this [location path]

do you have some example that you tested and worked ?

thanks again,

Gustavo.

-----Original Message-----
From: Yannick Smits [mailto:Click here to reveal e-mail address]
Sent: ter=E7a-feira, 6 de agosto de 2002 15:17
To: aspngsec
Subject: [aspngsec] Re: forms-authentication

Should use the location tag in your web.config file. See:
http://123aspx.com/resdetail.aspx?res=3D882
hth,
Yannick Smits

<Click here to reveal e-mail address> wrote in message news:694392@aspngsec...

I tested the example and i liked very much this way to make security, =
but i
didn't understand one thing, inside my project if i have some pages =
that no
need be check(no security).

how can i mark the pages that need or not check the security ?

thanks a lot,

[]s,

Gustavo.

-----Original Message-----
From: Scott Mitchell [mailto:Click here to reveal e-mail address]
Sent: segunda-feira, 5 de agosto de 2002 17:12
To: aspngmigrate
Subject: [aspngmigrate] RE: Migrate ASP to ASP.NET

Gustavo, the ASP.NET team has made MANY things much easier in ASP.NET
than it was in classic ASP, and forms-based authentication and
authorization, the situation you've spelled out, is one of those.

To learn more, check out this article:

Using Forms Authentication in ASP.NET
http://www.4guysfromrolla.com/webtech/110701-1.shtml

It shows how to provide the functionality you're after in ASP.NET!
Happy Programming!

Scott Mitchell
Click here to reveal e-mail address
http://www.4GuysFromRolla.com/
http://www.ASPMessageboard.com/
http://www.ASPFAQs.com/

* When you think ASP, think 4GuysFromRolla.com!

| -----Original Message-----
| From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
| Sent: Monday, August 05, 2002 9:00 AM
| To: aspngmigrate
| Subject: [aspngmigrate] Migrate ASP to ASP.NET
|
|
| Hello everybody,
|
| I have a web application which users need be logged on the
| app. When i was using classical asp, i used a include that
| check a session variable that contains the name of the user
| and check if that user could be access the page.
|
| If the variable was null the include redirect to a logon
| page, if the user can't be access the include show a msg to
| user telling the user can't be access that page.
|
| Now i'm using asp.net, i would like to know what do you
| suggest for me to do in this case ????
|
| I'm trying to use a web user control, but isaw i have alot
| of limitations with wuc.
|
| Thanks,
|
| Gustavo.
|
| | [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| | http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngsec] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngsec.asp =3D JOIN/QUIT
| http://www.asplists.com/search =3D SEARCH Archives

| [aspngsec] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngsec.asp =3D JOIN/QUIT
| http://www.asplists.com/search =3D SEARCH Archives
Reply to this message...
 
    
gustavo.varo@itau.com.br
I got.

see the example....

Configuration settings can be applied to specific resources by using a =
<location> tag with an appropriate path attribute. The path attribute =
can be used to identify a specific file or child directory to which =
unique configuration settings apply.=20

For example, the following configuration file specifies settings at =
three levels:=20

Settings that apply to the current directory and all child directories =
(everything contained within the top <configuration> tag).=20
Settings that apply to the Sub1 child directory (everything contained =
within the <location> tag with a path attribute set to Sub1).=20
Settings that apply to the Sub2 child directory (everything contained =
within the <location> tag with a path attribute set to Sub2).=20
<configuration>
<system.web> =20
<sessionState cookieless=3D"true" timeout=3D"10"=20
server=3D"localhost" port=3D"42424"/>
</system.web>
=20
<!- Configuration for the "Sub1" subdirectory. -->
<location path=3D"sub1">
<system.web>
<httpHandlers>
<add verb=3D"*" path=3D"Sub1.Scott" type=3D"Sub1.Scott"/>
<add verb=3D"*" path=3D"Sub1.David" type=3D"Sub1.David"/>
</httpHandlers>
</system.web>
</location>
=20
<!- Configuration for the "Sub2" subdirectory. -->
<location path=3D"sub2">
<system.web>
<httpHandlers>
<add verb=3D"*" path=3D"Sub2.Scott" type=3D"Sub2.Scott"/>
<add verb=3D"*" path=3D"Sub2.David" type=3D"Sub2.David"/>
</httpHandlers>
</system.web>
</location>
</configuration>

[]s,

Gustavo.

-----Original Message-----
From: Yannick Smits [mailto:Click here to reveal e-mail address]
Sent: ter=E7a-feira, 6 de agosto de 2002 15:17
To: aspngsec
Subject: [aspngsec] Re: forms-authentication

Should use the location tag in your web.config file. See:
http://123aspx.com/resdetail.aspx?res=3D882
hth,
Yannick Smits

<Click here to reveal e-mail address> wrote in message news:694392@aspngsec...

I tested the example and i liked very much this way to make security, =
but i
didn't understand one thing, inside my project if i have some pages that =
no
need be check(no security).

how can i mark the pages that need or not check the security ?

thanks a lot,

[]s,

Gustavo.

-----Original Message-----
From: Scott Mitchell [mailto:Click here to reveal e-mail address]
Sent: segunda-feira, 5 de agosto de 2002 17:12
To: aspngmigrate
Subject: [aspngmigrate] RE: Migrate ASP to ASP.NET

Gustavo, the ASP.NET team has made MANY things much easier in ASP.NET
than it was in classic ASP, and forms-based authentication and
authorization, the situation you've spelled out, is one of those.

To learn more, check out this article:

Using Forms Authentication in ASP.NET
http://www.4guysfromrolla.com/webtech/110701-1.shtml

It shows how to provide the functionality you're after in ASP.NET!
Happy Programming!

Scott Mitchell
Click here to reveal e-mail address
http://www.4GuysFromRolla.com/
http://www.ASPMessageboard.com/
http://www.ASPFAQs.com/

* When you think ASP, think 4GuysFromRolla.com!

| -----Original Message-----
| From: Click here to reveal e-mail address [mailto:Click here to reveal e-mail address]
| Sent: Monday, August 05, 2002 9:00 AM
| To: aspngmigrate
| Subject: [aspngmigrate] Migrate ASP to ASP.NET
|
|
| Hello everybody,
|
| I have a web application which users need be logged on the
| app. When i was using classical asp, i used a include that
| check a session variable that contains the name of the user
| and check if that user could be access the page.
|
| If the variable was null the include redirect to a logon
| page, if the user can't be access the include show a msg to
| user telling the user can't be access that page.
|
| Now i'm using asp.net, i would like to know what do you
| suggest for me to do in this case ????
|
| I'm trying to use a web user control, but isaw i have alot
| of limitations with wuc.
|
| Thanks,
|
| Gustavo.
|
| | [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| | http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngmigrate] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngmigrate.asp =3D JOIN/QUIT

| [aspngsec] member Click here to reveal e-mail address =3D YOUR ID
| http://www.asplists.com/asplists/aspngsec.asp =3D JOIN/QUIT
| http://www.asplists.com/search =3D SEARCH Archives
Reply to this message...
 
 




ExamGuru IT Solutions - .Net Guru is owned and operated by ExamGuru, Inc., the man behind .Net Guru. If you're in the market for bespoke software or software consultancy, why not get him and his highly trained team to help? - www.examguru.net/ITCertification
Ad


Need Dot Net Interview Questions?
Ask ExamGuru, Inc. for advice and help on Passing .Net Interviews
.Net Projects
Best-of-breed application framework for .NET projects, developed by ExamGuru, Inc. and ExamGuru IT
Free .net Help
Commission ExamGuru, Inc. and his team for your next bespoke software project
FogBUGZ
The only bug tracking system carefully crafted with one goal in mind: helping teams create great software.
Awesome Tools
If you don't know about these, you're missing out... IT Certification Questions
IT Interview Questions
Free Oracle 10g Training
MCSE Boortcamp
Cisco Study Guides
Cheap Study Guides
Exact Questions
Dot Net Interview Questions
Oracle OCP
Cheap Travel
Designer Perfumes - Wholesale Prices
Free Programming Tutorials
 
ExamGuru IT Solutions - .Net Guru is owned and operated by ExamGuru, Inc., the man behind .Net Guru. If you're in the market for bespoke software or software consultancy, why not get him and his highly trained team to help? - www.examguru.net/ITCertification
 Copyright © ExamGuru, Inc. 2001-2006
Contact Us - Terms of Use - Privacy Policy - www.dot-net-guru.com - www.examguru.net - www.oraclesource.net - www.itinterviews.net - www.examguru.net/ITCertification