[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Windows authentication - unable to allow access to folder to a user(s)

Posted on 2008-02-05
7
Medium Priority
?
691 Views
Last Modified: 2010-04-21
Hi,

I have an ASP.NET 2.0 application.  Web server (I have been informed) has Windows authentication enabled, and Anonymous access disabled.

Web.Config has the following:

 <authentication mode="Windows">      
    </authentication>
    <authorization>      
      <deny users="?"/>
    </authorization>    

I need to secure access to a folder so created a web.config folder and placed it in the folder itself (which I believe is one way to do it).

<?xml version="1.0"?>
<!--
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
    \Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
  <system.web>          
          <authorization>
           <allow users = "RD/MP9293Q"/>
            <deny users="*"/>            
          </authorization>      
    </system.web>
</configuration>

This is my domain and windows login.  I am now being prompted for credentials (which I dont want), but even when I enter my logon details - I cant get in.

What can I do?

Thanks


0
Comment
Question by:p_love
  • 4
  • 2
7 Comments
 
LVL 8

Expert Comment

by:Yiogi
ID: 20825105
a) Make sure you use identity impersonate on your config file which I don't see there.
b) Check the actual file permissions on the folder. Make all children take the parent permissions, if you copied your files from another folder permissions would get scrambled.
0
 
LVL 1

Author Comment

by:p_love
ID: 20825117
Hi,

What folder permissions do I need to assign?  Just the ASPNET user?  I dont want to have to set folder rights for every individual user do I?  Whats the logic in unsing impersonate?  Does this mean I have to set folder permissions on a user by user basis also?

Regards

p_love
0
 
LVL 11

Accepted Solution

by:
vs1784 earned 2000 total points
ID: 20825135
It should be

RD\MP9293Q

Instead of RD/MP9293Q

Thanks,
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
LVL 1

Author Closing Comment

by:p_love
ID: 31428195
DOHHHHHHHHHHHHHH!!

Thanks
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 20825163
no you do not need to set them for every individual user. The ASPNET and maybe IIS_WPG should suffice. If you want I can check when I get back to work tomorrow as I did the same thing recently.
0
 
LVL 1

Author Comment

by:p_love
ID: 20825205
As an aside (!), how can I redirect users to a page when they fail authentication rather than them being asked for credentials?
0
 
LVL 1

Author Comment

by:p_love
ID: 20825208
Thanks

As an aside (!), how can I redirect users to a page when they fail authentication rather than them being asked for credentials?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Get the source code for a fully functional Access application shell with several popular security features that Access VBA application developers desire, but find difficult or impossible to figure out how to code. You get the source code for managi…

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question