NTFS Authentication

[acewilli]

I've also posted in the IIS forum but no one has replied.

Hello, I am need to set the NTFS security on each ASP page which I've done but now I'm not sure how to set IIS Security to check NTFS security and allow access based off of NTFS. I can get it to work and redirect to a custom page if access is denied but the issue is that IIS pops up a windows logon for the denied page before the redirect occurs. Is there a way to keep the same security but keep IIS from popping up the Windows Logon for the denied pages? I've tried everything so any help is greatly appreciated. Oh...one other thing. Only one person(One Account) can have access to each one of the NTFS secured pages so the Authenticated Users will not work in this case. Thank you in advance.

acewilli

 

[Sheco]

IIS does not pop up a logon dialog...

IIS return a "401 Access Denied"

The browser shows the popup logon box.

 

[acewilli]

Is there any way to keep this from happening or do I just need to create a new table in my database and store username and passwords for each user? I would much rather use NTFS so that it is seamless to the user.

Thank you,

acewilli

 

[Sheco]

Is this for an internal or public site?

 

[acewilli]

I was able to get the answer that I needed. I changed the IIS Security permissions to Windows Digest & Integrated Windows Authentication. I then set the file's NTFS permissions and added the code below to my ASP. I then wrote an IF statement checking for the correct Active Directory Account. Hope this helps someone else.

The IF statement below is not totally complete but the first part does work as long as you make the Security changes in IIS.

dim visitor
dim member
visitor=request.serverVariables("LOGON_USER")
member=right(visitor,len(visitor)-instr(1,visitor,"\"))

'------other code------
If member="acewilli" then
   'do something
elseif member="jdwilli" then
   'do something else
else
end if