I've created the StarterSite from Webmatrix and added an Admin role for Websecurity. I have a separate application (tinyfilemanager.net) setup in a virtual directory as per the website's instructions and I need help to integrate the same Websecurity and roles to this application, so that only Admins can access the app.
When logged in to the StarterSite WebSecurity.IsAuthenticated = true however it is always false for the tinyfilemanager app setup in the virtual directory. How can I share the Websecurity object with the tinyfilemanager application?
Related
I have an ASP.NET website ( NOT web application ) and I'm looking at how to use Azure Active Directory to authenticate users for single sign on purposes.
The samples from the File > New Project use global.asax.cs to interact with middleware, eg the WSFederationAuthenticationModule_RedirectingToIdentityProvider method. Websites dont have the global.asax or a class that inherits from HTTPApplication
Can I use Azure AD to provide single sign on capabilities for an Asp.Net Website and if so how should I go about it?
I have an ASP.NET application in IIS 6.0 with the following structure.
MyApplication is setup to run with Forms Authentication. I have a virtual directory called MyFiles that points to a shared network location containing some pdfs and docs.
The issue is that I am not able to secure this virtual directory with Forms Authentication. If I enable Anonymous access to the virtual directory, users are able to access all documents without login to the site. If I disable Anon access, they cannot access even after login.
I tried setting up MyFolder as an application and keeping a web.config with location tag for the MyFiles virtual directory and denying anonymous. This did not work.
Any help on this would be greatly appreciated.
I have a folder "foo" which resides under the root folder of my ASP.NET website.
My ASP.NET website has a file browser control which enables (authenticated) users to upload files, create folders, move folders, delete file/folders etc. in the "foo" folder.
What permissions should the "foo" folder have?
It is a Windows Server 2008 / IIS 7 box.
Many thanks.
Depending on the authentication method you are using, either the end user or the Application Pool Identity user will need Modify privileges to the foo folder.
UPDATED:
It sounds like you are using Anonymous Authentication, but are authenticating the user in your DB via your application.
Check your IIS to determine which identity Anonymous Authentication is using. The default is IUSR, but you can also decide to use the application pool identity, in which case, you will need to check your Application Pool Identity.
If you have stuck with the defaults, you will likely only need to add Modify permissions to the built-in IUSR user.
Additional backround info: Understanding Built-In User and Group Accounts in IIS 7
I Have an asp.net web application that access files on shared folder from remote host,
when the web application is run from vs2008 it retrives the image files and display them.how ever when i deploy the same project in IIS using virtual directory, the application couldn't access the files on the shared folder it says access denied.
is there any persmission setting i needed to add, I have already add the Asp.net and network service to the project files on the phsical path where the virtual path is pointing too.
string pic3 = #"\\M37350\temp\GraphicUserImage.jpg";
FileInfo f = new FileInfo(pic3);
if (f.Exists)
{
Image1.ImageUrl = pic3;
Image1.Visible = true;
}
Thanks.
VS2008 is using your credentials when executing web application. You will need to set up an account (one that has access to the remote folder) in your IIS virtual directory.
you'll need to set the Application Pool's Identity to a domain account (domain\user) with access to this shared folder, the built-in "Network Service" account doesn't have access to a remote shared folder.
To change your App Pool Identity:
you'll need to know which Application Pool your website is using by going to the Website properties "Home Directory" tab (Application Pool is the last item)
Close out the Website properties and under Application Pools in IIS find the corresponding Application Pool, open properties and go to the "Identity" tab to change the user.
Might also check this answer on serverfault.com: Permission for ASP.NET application on web server to access shared folder on another server
And this step by step for setting custom app pool identity ASP.Net and IIS Support Team Blog for Microsoft France
You need to chmod the shared folder so it is readable and writable to you and/or others. Usually the host has an interface for this. As far as I know, the permissions cannot be set from code.
So, I've been trying to give my web application read access to files in root/documents folder that I have created. I don't want the public to have access to this folder. Have managed to lock out public users through the documents folder authentication setting by disabling the anonymous authentication setting.
Having much larger problems giving the web app read access to files in that folder. Have added the apppool into the read folder permisions of the documents folder but still getting access denied messages.
Just wondering if there's anything else that may be affecting the applications access to the directory.
Try adding NETWORKSERVICE as a reader to the folder.
On the other hand, you can try using impersonation and give read access to impoersonated user.