Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

windowsauthentication asp .net 2.0

Status
Not open for further replies.
newbieAl

newbieAl

Programmer
Sep 10, 2007
21
US
I have the following in place. Is this sufficient code for windows authentication and AD roles? Is the code in the right event (page_load) or should it be somewhere else?

Right now I get the statement on the top of the screen, you do not have access, and the default page loads. I'm not in the 'aRole'.

Also, can this type of code be tested on the local machine or does it have to be uploaded on a dev or production server?

authentication mode="Windows"
authorization
deny users="?" /> <!--Deny anonymous users -->
allow roles="domain\roleA,domain\roleB"
authorization

identity impersonate="true"

(page_load event)
If User.IsInRole("aRole") Then
Response.Redirect("~\default.aspx")
Else
Response.Write("you do not have access")

End If
 
Sort by date Sort by votes
you shouldn't need any code in the aspx to authenticate, if your using the web.config.
use the <location> tag to authorize different files/directories of your application.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
so just add as follows?

<location path="~\default.aspx>

<location path="~\APage.aspx>
 
Upvote 0 Downvote
what I am asking is, if I need more than one location do I do this like shown above?
 
Upvote 0 Downvote
within each location tag you need to set the appropiate settings. search MSDN and google for more information on web.config location tags

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
have you tried,

If User.Identity.IsAuthenticated = False Then Server.Transfer ("notauthorised.aspx")

for users who are not authorised, authorised users will stay on the page.

and

If Roles.IsUserInRole("DeclaredRole") = False Then Server.Transfer ("notauthorised.aspx")

for users who have to be part of a certain role

Regards
Phil

Working towards my MCSE/A and CompTIA. Any help greatly appreciated.
 
Upvote 0 Downvote
thanks, Phil, that's good info. However, what is the difference between using server.transfer and response.redirect? Is one better than the other?
 
Upvote 0 Downvote
newbieAl said:
what is the difference between using server.transfer and response.redirect? Is one better than the other?
Click to expand...
that's what google/MSDN/<F1> are for.

while Phil's method would work, it requires code on every page. this is duplicated functionality and leads to problems if users/roles change.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
However, what is the difference between using server.transfer and response.redirect? Is one better than the other?
Click to expand...
It would be quite easy to find out...[google]Server.Transfer[/google]


-------------------------------------------------------

Mark,
[URL unfurl="true"]http://aspnetlibrary.com[/url]
[URL unfurl="true"]http://mdssolutions.co.uk[/url] - Delivering professional ASP.NET solutions
[URL unfurl="true"]http://weblogs.asp.net/marksmith[/url]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Makumbi256
  • Locked
  • Question
How to make days vertical and grid view editable using asp.net vb
Replies
0
Views
623
Makumbi256
Makumbi256
WIREMESH
  • Locked
  • Question
Play mp4 files in asp.net 2.0 webforms application
Replies
0
Views
173
WIREMESH
WIREMESH
snakehips2000
  • Locked
  • Question
Entity Framework, MVC, ASP.NET, ASP.NET Core etc… etc
Replies
0
Views
624
snakehips2000
snakehips2000
WIREMESH
  • Locked
  • Question
ASP.NET 2.0 Webform compilation error
Replies
1
Views
232
jbenson001
jbenson001
WIREMESH
  • Locked
  • Question
Adding https to existing ASP.NET 2.0 web forms application
Replies
1
Views
224
jbenson001
jbenson001

Part and Inventory Search

Sponsor

Back
Top