Geek Answers Handbook

Basic asp.net authentication

I have an intranet site with basic authentication.

Is it possible that only one page does not request credit cards? Like accessing anyone for just one page?

Is it possible to set something in web.config for a separate page?

+4
source share
3 answers

Add the following element to the configuration node: web.config:

 <location path="aFolder/aPageToExclude.aspx"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location>

For more information and usage, refer to the MSDN documentation: Location Element (ASP.NET Settings Diagram)

+6
source

What I am doing is that I do not use ASP.Net authentication. What I do when a user enters their username and password, I check the database if there is a line with the specified username and password.

You can do this using objDataSet.Tables[0].Rows.Count > 0 . You can put this in an if condition, and then take the username and put it in the session. You do it like this:

Session["username"] = (Username Variable Here) . Then you create two master pages: one for pages that are available only for logging in, and accessible for everyone. On the main page, which provides access only to a registered person, you can check whether the session data is zero or not. If it is zero, you can redirect this person to the login page. The LoggedIn master page may remain as it is. If you already have a main page, you can duplicate it and add this condition. If you have not yet implemented the master page, you can place a condition on the page load of each page for which the user must log in to access this page. Since you use sessions rather than cookies, it will be more difficult for the user to hack this system.

+1
source

you need to overwrite the settings for the web.config file.
you need to create one folder and create another web.config file in this folder.
Then put Page.aspx in this folder.
Then modify this web.config file as shown below:

 <authentication mode="Forms"> </authentication>

Note:

1) you do not need to mention users = *, it automatically allows all users to access those pages under this folder.

or

What you can do is if you already use the directory structure for the pages, then you can keep this page.aspx at the same level that you have the login page.

0
source

More articles:


All Articles