Restrict access to Classic ASP pages in web.config

  • Thread starter Thread starter Christiano
  • Start date Start date
C

Christiano

Hi...

I have an hybrid ASP/ASP.NET site... And it will be like this for a
while...

I need to authenticated these ASP pages with password too. How can I
redirect it to login.aspx?

I'm using this simple authentication/authorization rule...



<system.web>

<authentication mode="Forms">

<forms name="Sinoreg_Login" loginUrl="login.aspx" timeout="20" />

</authentication >


<authorization>

<deny users="?" />

</authorization>

</system.web>
 
it will be a little tricky but not hard.

your login.aspx page should store your own ticket and use an encryption that
the asp code can decrypt and store the user name in it. in every asp page,
check for the ticket, if there decode and get the username. if the ticket is
not there redirect to the login page, passing the asp page name as the
redirect url.


-- bruce (sqlwork.com)
 
bruce...

it worked...

tks a lot..
christiano



bruce barker said:
it will be a little tricky but not hard.

your login.aspx page should store your own ticket and use an encryption
that
the asp code can decrypt and store the user name in it. in every asp page,
check for the ticket, if there decode and get the username. if the ticket
is
not there redirect to the login page, passing the asp page name as the
redirect url.


-- bruce (sqlwork.com)
Click to expand...
 
Back
Top