Multiple Web.config files

K

krish.mtm143

Joined
Nov 18, 2009
Messages
1
Reaction score
0
hi,

Q.how to maintain different sessionid for different sub folders in Asp.net webappli.,

rootfolder(myweb)
--folder1(Admin)
Login.aspx
Logout.aspx
pageAdmin1.aspx
pageAdmin2.aspx
pageAdmin3.aspx
adminweb.config(forms authentication)
--folder2(Userpages)
Login.aspx
Logout.aspx
page1.aspx
page2.aspx
page3.aspx
userweb.config(forms authentication)

i want to maintain two different sessionids for these folders. i mean if i logged from admin module it does't effect the userpages. viceversa..
pls..help me
 
Last edited:
E

ExpertPractice

Joined
Jan 14, 2010
Messages
6
Reaction score
0
What i understand is ..u are actually looking for authorizing different users for different parts of your application. Like you want admin to access both User Pages and Admin pages but you want User to Access only the User Pages.
To Achieve that you dont actully need multiple web.config files.

Follow these steps

Add this to you Login form set it according to you authentication system.


Role= Get it from Db whether its an Admin or a User after checking UserName and Password.
/////Create Authentication Ticket Manually///////

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, UserName, DateTime.Now, DateTime.Now.AddMinutes(20), true, Role);
string HashedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashedTicket);
cookie.HttpOnly = true;
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);

Add This to Global.asax

void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (Context.User != null && Context.User.Identity.AuthenticationType=="Forms")
{
System.Security.Principal.IIdentity ID = Context.User.Identity;
FormsIdentity FrmID = (FormsIdentity)ID;
FormsAuthenticationTicket ticket = FrmID.Ticket;
string[] Roles = ticket.UserData.Split(',');
Context.User = new System.Security.Principal.GenericPrincipal(ID, Roles);
}
}

In Global.asax we are setting Role of the User To the current Context

Finally Define Roles in the web.config

<authentication mode="Forms">
<forms defaultUrl="index.aspx" loginUrl="index.aspx" name="MyFormCookie" protection="All" slidingExpiration="true" timeout="20">
</forms>
</authentication>
<authorization>
<allow users="*" />
</authorization>


<location path="Admin">
<system.web>
<authorization>
<allow roles="admin" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="UserPages">
<system.web>
<authorization>
<allow roles="admin,User" />
<deny users="*" />
</authorization>
</system.web>
</location>

define these settings at their appropriate locations in web.config



Hope this will help




@li
 
Last edited:

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

setting up web.config... 2
how to access site content after authentication 3
proper way to logout and end a session 1
location element in web.config 1
web.config and location... 3
Protecting multiple directories 1
Windows identity getting confused between users 0
problem with sitemap and roles 0

Staff online

Members online

Total: 82 (members: 1, guests: 81)
Robots: 259

Forum statistics

Threads
473,992
Messages
2,570,220
Members
46,805
Latest member
ClydeHeld1

Latest Threads

Top