Forms Auth. Question

Re: Forms Auth. Question

Hi,

If you are using roles this is really fast to do. Put this in your
<system.web> section of your web.config file:


<authenticati on mode="Forms">
<forms loginUrl="Login .aspx"></forms>
</authentication>

<authorizatio n>
<allow users="*" /> <!-- Allow all users -->
</authorization>

Then at the top right under <configuratio n> put in something like below that
matches what you want to do:

<location path="Members/Administrator">
<system.web>
<authorizatio n>
<allow roles="Administ rator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

<location path="Members/Customer">
<system.web>
<authorizatio n>
<allow roles="Customer "></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>

That gives Administrators access to the www.mysite.com/members/administrator
folder and Customers access to the www.mysite.com/members/customer folder.
If someone who isn't in the correct role tries to access any .aspx files in
those folders they are redirected to the login.aspx page. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:

If you sign up under me and need help, email me.

"V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in message
news:078b01c4df c5$b1f96740$a50 1280a@phx.gbl.. .[color=blue]
> Using forms authentication, can I control which pages
> and/or directories a user would have access to or is that
> only available with Windows authentication?
>
> Thanks![/color]

Re: Forms Auth. Question

you can use security roles defined on daabase table and can check
wheather use has previlage to access to that page or module and redirect
to login page if not

--
rajagopal

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Re: Forms Auth. Question

By roles, do you mean roles in Windows? I'm not, I'm
asking in the context of forms authentication only, where
all users are listed in the web.config file.

As long as I can just rely on the application and not
Windows or some other form of authentication, then it's
what I'm looking for.

[color=blue]
>-----Original Message-----
>Hi,
>
>If you are using roles this is really fast to do. Put[/color]
this in your[color=blue]
><system.web> section of your web.config file:
>
>
> <authenticati on mode="Forms">
> <forms loginUrl="Login .aspx"></forms>
> </authentication>
>
> <authorizatio n>
> <allow users="*" /> <!-- Allow all users -->
> </authorization>
>
>Then at the top right under <configuratio n> put in[/color]
something like below that[color=blue]
>matches what you want to do:
>
> <location path="Members/Administrator">
> <system.web>
> <authorizatio n>
> <allow roles="Administ rator"></allow>
> <deny users="*"/>
> </authorization>
> </system.web>
> </location>
>
> <location path="Members/Customer">
> <system.web>
> <authorizatio n>
> <allow roles="Customer "></allow>
> <deny users="*"/>
> </authorization>
> </system.web>
> </location>
>
>That gives Administrators access to the[/color]
www.mysite.com/members/administrator[color=blue]
>folder and Customers access to the[/color]
www.mysite.com/members/customer folder.[color=blue]
>If someone who isn't in the correct role tries to access[/color]
any .aspx files in[color=blue]
>those folders they are redirected to the login.aspx page.[/color]
Good luck! Ken.[color=blue]
>
>--
>Ken Dopierala Jr.
>For great ASP.Net web hosting try:
>http://www.webhost4life.com/default.asp?refid=Spinlight
>If you sign up under me and need help, email me.
>
>"V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in[/color]
message[color=blue]
>news:078b01c4d fc5$b1f96740$a5 01280a@phx.gbl. ..[color=green]
>> Using forms authentication, can I control which pages
>> and/or directories a user would have access to or is that
>> only available with Windows authentication?
>>
>> Thanks![/color]
>
>
>.
>[/color]

Re: Forms Auth. Question

Hi,

With Forms authentication you have two database tables. All of your user
logins and all the roles each user is in. Check out this link:



You can also do a search on "roles-based forms authentication" . Forms
authentication is actually what you use when you don't want to use Windows
authentication. The link above will give you the code and the tags I posted
earlier for your web.config file will finish up the job and you'll be all
set to go. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:

If you sign up under me and need help, email me.

"V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in message
news:130b01c4df f7$0bbd0670$a40 1280a@phx.gbl.. .[color=blue]
> By roles, do you mean roles in Windows? I'm not, I'm
> asking in the context of forms authentication only, where
> all users are listed in the web.config file.
>
> As long as I can just rely on the application and not
> Windows or some other form of authentication, then it's
> what I'm looking for.
>
>[color=green]
> >-----Original Message-----
> >Hi,
> >
> >If you are using roles this is really fast to do. Put[/color]
> this in your[color=green]
> ><system.web> section of your web.config file:
> >
> >
> > <authenticati on mode="Forms">
> > <forms loginUrl="Login .aspx"></forms>
> > </authentication>
> >
> > <authorizatio n>
> > <allow users="*" /> <!-- Allow all users -->
> > </authorization>
> >
> >Then at the top right under <configuratio n> put in[/color]
> something like below that[color=green]
> >matches what you want to do:
> >
> > <location path="Members/Administrator">
> > <system.web>
> > <authorizatio n>
> > <allow roles="Administ rator"></allow>
> > <deny users="*"/>
> > </authorization>
> > </system.web>
> > </location>
> >
> > <location path="Members/Customer">
> > <system.web>
> > <authorizatio n>
> > <allow roles="Customer "></allow>
> > <deny users="*"/>
> > </authorization>
> > </system.web>
> > </location>
> >
> >That gives Administrators access to the[/color]
> www.mysite.com/members/administrator[color=green]
> >folder and Customers access to the[/color]
> www.mysite.com/members/customer folder.[color=green]
> >If someone who isn't in the correct role tries to access[/color]
> any .aspx files in[color=green]
> >those folders they are redirected to the login.aspx page.[/color]
> Good luck! Ken.[color=green]
> >
> >--
> >Ken Dopierala Jr.
> >For great ASP.Net web hosting try:
> >http://www.webhost4life.com/default.asp?refid=Spinlight
> >If you sign up under me and need help, email me.
> >
> >"V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in[/color]
> message[color=green]
> >news:078b01c4d fc5$b1f96740$a5 01280a@phx.gbl. ..[color=darkred]
> >> Using forms authentication, can I control which pages
> >> and/or directories a user would have access to or is that
> >> only available with Windows authentication?
> >>
> >> Thanks![/color]
> >
> >
> >.
> >[/color][/color]

Re: Forms Auth. Question

Hi,

By the way, the link I posted uses only one database table. You can do it
that way too. I prefer to use two, one for my login credentials and one for
my roles where each user/role combination is given a seperate row that I can
date/time stamp and etc. Ken.

"Ken Dopierala Jr." <kdopierala2@wi .rr.com> wrote in message
news:u0zIow$3EH A.2568@TK2MSFTN GP10.phx.gbl...[color=blue]
> Hi,
>
> With Forms authentication you have two database tables. All of your user
> logins and all the roles each user is in. Check out this link:
>
> http://www.devhood.com/tutorials/tut...utorial_id=433
>
> You can also do a search on "roles-based forms authentication" . Forms
> authentication is actually what you use when you don't want to use Windows
> authentication. The link above will give you the code and the tags I[/color]
posted[color=blue]
> earlier for your web.config file will finish up the job and you'll be all
> set to go. Good luck! Ken.
>
> --
> Ken Dopierala Jr.
> For great ASP.Net web hosting try:
> http://www.webhost4life.com/default.asp?refid=Spinlight
> If you sign up under me and need help, email me.
>
> "V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in message
> news:130b01c4df f7$0bbd0670$a40 1280a@phx.gbl.. .[color=green]
> > By roles, do you mean roles in Windows? I'm not, I'm
> > asking in the context of forms authentication only, where
> > all users are listed in the web.config file.
> >
> > As long as I can just rely on the application and not
> > Windows or some other form of authentication, then it's
> > what I'm looking for.
> >
> >[color=darkred]
> > >-----Original Message-----
> > >Hi,
> > >
> > >If you are using roles this is really fast to do. Put[/color]
> > this in your[color=darkred]
> > ><system.web> section of your web.config file:
> > >
> > >
> > > <authenticati on mode="Forms">
> > > <forms loginUrl="Login .aspx"></forms>
> > > </authentication>
> > >
> > > <authorizatio n>
> > > <allow users="*" /> <!-- Allow all users -->
> > > </authorization>
> > >
> > >Then at the top right under <configuratio n> put in[/color]
> > something like below that[color=darkred]
> > >matches what you want to do:
> > >
> > > <location path="Members/Administrator">
> > > <system.web>
> > > <authorizatio n>
> > > <allow roles="Administ rator"></allow>
> > > <deny users="*"/>
> > > </authorization>
> > > </system.web>
> > > </location>
> > >
> > > <location path="Members/Customer">
> > > <system.web>
> > > <authorizatio n>
> > > <allow roles="Customer "></allow>
> > > <deny users="*"/>
> > > </authorization>
> > > </system.web>
> > > </location>
> > >
> > >That gives Administrators access to the[/color]
> > www.mysite.com/members/administrator[color=darkred]
> > >folder and Customers access to the[/color]
> > www.mysite.com/members/customer folder.[color=darkred]
> > >If someone who isn't in the correct role tries to access[/color]
> > any .aspx files in[color=darkred]
> > >those folders they are redirected to the login.aspx page.[/color]
> > Good luck! Ken.[color=darkred]
> > >
> > >--
> > >Ken Dopierala Jr.
> > >For great ASP.Net web hosting try:
> > >http://www.webhost4life.com/default.asp?refid=Spinlight
> > >If you sign up under me and need help, email me.
> > >
> > >"V. Jenks" <anonymous@disc ussions.microso ft.com> wrote in[/color]
> > message[color=darkred]
> > >news:078b01c4d fc5$b1f96740$a5 01280a@phx.gbl. ..
> > >> Using forms authentication, can I control which pages
> > >> and/or directories a user would have access to or is that
> > >> only available with Windows authentication?
> > >>
> > >> Thanks!
> > >
> > >
> > >.
> > >[/color][/color]
>
>[/color]