Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562
  • Last Modified:

Anonymous access to Theme with Security in web.config

Hi all

I have an asp.net 2.0 website with 2 themes, red and blue.
Everything works perfect, except for that I want anonymous users can see the default theme (blue).
A user who has logged in can go to the configuration page to choose his/her favorite theme.

Anonymous users don't have access to the default theme.

Here is an extract of my web.config
-----------------------------------------

    <authorization>
       <deny users="?" />
    </authorization>

    <authentication mode="Forms" />

    <anonymousIdentification enabled="true"/>

    <profile>
      <properties>
        <add name="MyTheme" defaultValue="Blue" allowAnonymous="true"/>
      </properties>
    </profile>

If I omit the deny users="?" it works perfectly but I want users (who are registered) be able to change colors, and anonymous users can only see one default theme, so that the site has a nice structure

Can anyone help me please?

Thx

Gerrie
0
gerrie_govaerts
Asked:
gerrie_govaerts
1 Solution
 
gerrie_govaertsAuthor Commented:
Found the solution by myself.
Here comes it for those who are interested

Set the following in web.config

First I deny access to all anonymous users

      <authorization>
        <deny users="?"/>
      </authorization>

Then I allow identification for anonymous users

      <anonymousIdentification enabled="true"/>

A profile setting for your favourite theme (on user basis) with a default theme for every anonymous user

      <profile>
        <properties>
          <add name="MyTheme" defaultValue="Blue" allowAnonymous="true"/>
        </properties>
      </profile>

  A location that points to the special asp.net 2.0 directory where the themes are managed, set them to be accessible for the anonymous users

  <location path="App_Themes">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>


This does the job perfectly. Anonymous users can see the default theme (blue in this case) and if they are succesfully logged in they can change this profile setting on an aspx page.
0
 
EE_AutoDeleterCommented:
gerrie_govaerts,
Because you have presented a solution to your own problem which may be helpful to future searches, this question is now PAQed and your points have been refunded.

EE_AutoDeleter
0
 
richardhaegerCommented:
Hello Gerrie,

Just to let you know, I solved the same problem with less steps.

I did not use these:

<anonymousIdentification enabled="true"/>
allowAnonymous="true"

And now it works.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now