D
Dominick Baier [DevelopMentor]
remove the ~/
<location path="UnSecured">
<location path="UnSecured">
Need help on Create New User account in asp.net 2.0
D
Dominick Baier [DevelopMentor]
it is just that the ~ syntax does not apply here. that's it 
L
Learner
Hello,
The code I have in web.config file to redirect the user to the
MainLogin.aspx page
<authentication mode="Forms">
<forms name="/.ASPXAUTH"
loginUrl="~/Unsecured/MainLogin.aspx" cookieless="UseCookies">
</forms>
</authentication>
Now I also have the CreateNewAcct.aspx page sitting in the UnSecured
folder as the MainLogin.aspx.
Here is the code that should allow every including un authenticated
users as we have allow users = "*"
<location path="~/UnSecured/CreateNewAcct.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
But when I click on the Create New User link thats on the Login control
it never goes the CreateNewAcct.aspx page and it comes back to the
MainLogin.aspx page!
Any clue why this comes back though I have used allow users = "*"?
Thanks
-L
The code I have in web.config file to redirect the user to the
MainLogin.aspx page
<authentication mode="Forms">
<forms name="/.ASPXAUTH"
loginUrl="~/Unsecured/MainLogin.aspx" cookieless="UseCookies">
</forms>
</authentication>
Now I also have the CreateNewAcct.aspx page sitting in the UnSecured
folder as the MainLogin.aspx.
Here is the code that should allow every including un authenticated
users as we have allow users = "*"
<location path="~/UnSecured/CreateNewAcct.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
But when I click on the Create New User link thats on the Login control
it never goes the CreateNewAcct.aspx page and it comes back to the
MainLogin.aspx page!
Any clue why this comes back though I have used allow users = "*"?
Thanks
-L
L
Learner
Cool that works!
Is there any thing I need to understand here? Please help me understand
how it is works.
Thanks
-L
Is there any thing I need to understand here? Please help me understand
how it is works.
Thanks
-L
L
Learner
Hello Dominick,
Thanks for the clarification. Also, I am just wondering if you can
help me with what I am planning to work on few pages in my application
who can view/access based on the roles.
Suppose I have 10 .aspx pages
say
1.aspx
2.aspx
3.aspx
4.aspx
....
10.aspx
Now a user who has a Admin role can access all the pages (1 thru
10.aspx pages)
a User who has Manager can only access say 4,5,6,7.aspx pages and also
some portion of the remaining web pages that Admin has access to but
not the entire page.
a User who has just has User access can only access 8,9,10.aspx pages
and also some parts (portion of the webform) of the remainings pages. I
mean based on what he can see he should have access some parts of the 1
thru 10.aspx pages but full access to the 8,9,10.aspx pages.
Could you please help me here how do I design this? My idea is to
create Admin, Manager, User folders seperatley and allow access based
on who logged in. And put the pages that each role has access to in
these folders.
But I don't know how to provide access to the portion of the web pages
to be allowed to be accessed by the Manager / User to certain pages as
I described above.
Can you help me with this?
Thanks
-L
Thanks for the clarification. Also, I am just wondering if you can
help me with what I am planning to work on few pages in my application
who can view/access based on the roles.
Suppose I have 10 .aspx pages
say
1.aspx
2.aspx
3.aspx
4.aspx
....
10.aspx
Now a user who has a Admin role can access all the pages (1 thru
10.aspx pages)
a User who has Manager can only access say 4,5,6,7.aspx pages and also
some portion of the remaining web pages that Admin has access to but
not the entire page.
a User who has just has User access can only access 8,9,10.aspx pages
and also some parts (portion of the webform) of the remainings pages. I
mean based on what he can see he should have access some parts of the 1
thru 10.aspx pages but full access to the 8,9,10.aspx pages.
Could you please help me here how do I design this? My idea is to
create Admin, Manager, User folders seperatley and allow access based
on who logged in. And put the pages that each role has access to in
these folders.
But I don't know how to provide access to the portion of the web pages
to be allowed to be accessed by the Manager / User to certain pages as
I described above.
Can you help me with this?
Thanks
-L
D
Dominick Baier [DevelopMentor]
use the <authorization> element where it is granular enough - for pages where
multiple roles have access but should see different information/portions
of the page -
use Context.IsInRole in the page code to make the security decisions.
multiple roles have access but should see different information/portions
of the page -
use Context.IsInRole in the page code to make the security decisions.
L
Learner
Thank you for the reply. Yes thats what exactly how want it to be done.
I am just wondering is there an article or blog to go through that
explains briefly on how to implement these ones. That definitely helps
me to understand it correctly and implement it.
I am surfing the web but couldn't find the right one.
Thanks
-L
I am just wondering is there an article or blog to go through that
explains briefly on how to implement these ones. That definitely helps
me to understand it correctly and implement it.
I am surfing the web but couldn't find the right one.
Thanks
-L