Hi xenophon,
How are you doing on this issue, have you got any further ideas? If
there're anything else we can help, please feel free to post here. Thanks,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 113841816
| References: <
[email protected]>
<
[email protected]>
<
[email protected]>
<
[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: (e-mail address removed) (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Wed, 02 Nov 2005 06:42:14 GMT
| Subject: Re: Framework 1.1 Multiple Authentication?
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <Q#
[email protected]>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 132
| Path: TK2MSFTNGXA01.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135429
| NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
|
| Thanks for your response Xenophon,
|
| Unfortunately to hear that you're using cookieless session state which
| means using cookie is not possible in your web application. Because the
| ASP.NET webapplicaiton's forms authentication support only cookie based
| authenticate ticket, if our web application does not use cookie, I'm
afraid
| we have to build our own form based autentication module which will store
| and retrieve authenticate ticket from session state( this is what we used
| to do in some classic ASP app...), we store a identify in session state
| after user login and then check that variable in each page's request to
| validate user.....
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure!
www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
|
|
| --------------------
| | NNTP-Posting-Date: Tue, 01 Nov 2005 12:55:08 -0600
| | From: xenophon <
[email protected]>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | Subject: Re: Framework 1.1 Multiple Authentication?
| | Date: Tue, 01 Nov 2005 13:44:38 -0500
| | Message-ID: <
[email protected]>
| | References: <
[email protected]>
| <
[email protected]>
| <
[email protected]>
| | X-Newsreader: Forte Agent 2.0/32.646
| | MIME-Version: 1.0
| | Content-Type: text/plain; charset=us-ascii
| | Content-Transfer-Encoding: 7bit
| | Lines: 82
| | X-Trace:
|
sv3-bew6JhvVx9oLcRhELIGxliI1rf7309fefGlkpCqU8WZfMYNi5BiJcihbRIcASjA9j6mDUzTi
|
x0i5nwl!Puz0JJTJHTGqofprR1TopTbQjY+PIurZ+0secGlEzsfUJvilAg/AurXLOOBGBArZbNfg
| 2g==
| | X-Complaints-To: (e-mail address removed)
| | X-DMCA-Notifications:
http://www.giganews.com/info/dmca.html
| | X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
| | X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
| complaint properly
| | X-Postfilter: 1.3.32
| | Path:
|
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
|
ne.de!border2.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.gigan
|
ews.com!local01.nntp.dca.giganews.com!news.giganews.com.POSTED!not-for-mail
| | Xref: TK2MSFTNGXA01.phx.gbl
| microsoft.public.dotnet.framework.aspnet:135314
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Thanks to you and Gustav and Patrick.
| |
| | I am using cookieless sessions and cannot use cookies at all for my
| | clients. How will Forms auth work in that case?
| |
| |
| |
| | n Mon, 31 Oct 2005 04:15:24 GMT, (e-mail address removed) (Steven
| | Cheng[MSFT]) wrote:
| |
| | >Thanks for Gaurav and Patrick's informative inputs.
| | >
| | >Hi xenophon,
| | >
| | >For providing separate authorization schema for mutiple sub dirs in
| asp.net
| | >web application, generally we have the following two options:
| | >1. Put a separate web.config in each sub dir which need
| formsauthentication
| | >protection. And override the <authorization> section in that
web.config.
| | >Thus, all the pages in that sub dir is protected to that
<authorization
| >
| | >setting.
| | >
| | >2. Use the <location> element as Gaurav has mentioned, this can help
us
| put
| | >the configuration for sub dir in the main web.config so as to avoid
put
| | >multiple sub web.config in each sub dir.
| | >
| | >#Configuration <location> Settings
| |
|
| t
| | >ionsettings.asp?frame=true
| | >
| | >Thanks,
| | >
| | >Steven Cheng
| | >Microsoft Online Support
| | >
| | >Get Secure!
www.microsoft.com/security
| | >(This posting is provided "AS IS", with no warranties, and confers no
| | >rights.)
| | >
| | >
| | >
| | >
| | >
| | >
| | >--------------------
| | >| From: "Patrick.O.Ige" <
[email protected]>
| | >| References: <
[email protected]>
| | >| Subject: Re: Framework 1.1 Multiple Authentication?
| | >| Date: Sun, 30 Oct 2005 12:27:29 +1100
| | >| Lines: 19
| | >| X-Priority: 3
| | >| X-MSMail-Priority: Normal
| | >| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| | >| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| | >| Message-ID: <
[email protected]>
| | >| Newsgroups: microsoft.public.dotnet.framework.aspnet
| | >| NNTP-Posting-Host: d58-105-58-245.dsl.vic.optusnet.com.au
58.105.58.245
| | >| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
| | >| Xref: TK2MSFTNGXA01.phx.gbl
| | >microsoft.public.dotnet.framework.aspnet:134781
| | >| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | >|
| | >| Xenophon try looking through this article at:-
| | >|
http://aspalliance.com/articleViewer.aspx?aId=501&pId=1
| | >| It should guide you.
| | >| Patrick
| | >|
| | >| | | >| >
| | >| > I have a web site with forms authentication and a single logon
page.
| I
| | >| > have 4 subdirectories, each that should be protected by a different
| | >| > username/password combination. For testing purposes, the
| | >| > username/password are hardcoded into the code-behind C# code.
| | >| >
| | >| > How can I write my web.config to make this happen?
| | >| >
| | >| > Thanks.
| | >| >
| | >|
| | >|
| | >|
| |
| |
|
|