T
Tod Birdsall
Hi All,
I am trying to secure non-ASP.NET files (i.e. .html, .pdf) in an
application running on IIS 6.0, Win2K3 using the .NET Framework 2.0.
What has worked in the past using .NET Framework 1.1 on IIS 6.0 is the
following :
1. Open IIS
2. Right click website, choose Properties.
3. Click "Home Directory" tab.
4. Click "Configuration" button. This opens "Application Configuration"
window.
5. Click on an any entry that uses the .NET Framework ISAPI filter.
6. Copy the "Excecutable" path (i.e.
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll)
7. Click "Cancel".
5. Click "Add" to add a new Application Extension.
6. Paste the path into the "Executable" text box.
7. Type in ".html" into the "Extension" textbox.
8.Click "OK" until you are out of the properties window.
Now ".html" extensions should be handled by the ASP.NET worker process,
so if authentication is turned on, .html files will be protected from
anonymous users.
Taking the same steps on the same Win2K3 server for .NET Framework 2.0,
I run into problems. I browse to a ".html" page and get a generic "The
page cannot be displayed" error. At the bottom of the page was the text
"Cannot find server or DNS Error Internet Explorer". All of the .aspx
pages I went to work just as they should. I have double checked the
path. I have tried other file extensions such as ".pdf" with the same
results as the ".html". The Execution path I am using is
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_isapi.dll".
I have also tried using impersonation using the machine.config
<processModel> tag. I used System and the Administrator user accounts
to no avail.
Has anyone run into this problem and found a solution?
Thank you.
Tod Birdsall
http://tod1d.blogspot.com
I am trying to secure non-ASP.NET files (i.e. .html, .pdf) in an
application running on IIS 6.0, Win2K3 using the .NET Framework 2.0.
What has worked in the past using .NET Framework 1.1 on IIS 6.0 is the
following :
1. Open IIS
2. Right click website, choose Properties.
3. Click "Home Directory" tab.
4. Click "Configuration" button. This opens "Application Configuration"
window.
5. Click on an any entry that uses the .NET Framework ISAPI filter.
6. Copy the "Excecutable" path (i.e.
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll)
7. Click "Cancel".
5. Click "Add" to add a new Application Extension.
6. Paste the path into the "Executable" text box.
7. Type in ".html" into the "Extension" textbox.
8.Click "OK" until you are out of the properties window.
Now ".html" extensions should be handled by the ASP.NET worker process,
so if authentication is turned on, .html files will be protected from
anonymous users.
Taking the same steps on the same Win2K3 server for .NET Framework 2.0,
I run into problems. I browse to a ".html" page and get a generic "The
page cannot be displayed" error. At the bottom of the page was the text
"Cannot find server or DNS Error Internet Explorer". All of the .aspx
pages I went to work just as they should. I have double checked the
path. I have tried other file extensions such as ".pdf" with the same
results as the ".html". The Execution path I am using is
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_isapi.dll".
I have also tried using impersonation using the machine.config
<processModel> tag. I used System and the Administrator user accounts
to no avail.
Has anyone run into this problem and found a solution?
Thank you.
Tod Birdsall
http://tod1d.blogspot.com