: Protecting a webpage with an authentication form I have created an employee webpage with a lot of company info, links, etc., but I want to protect the page because it contains some confidential
I have created an employee webpage with a lot of company info, links, etc., but I want to protect the page because it contains some confidential company information.
I am running IIS7.5 on Windows Server 2008 R2, and I already have the site setup as a normal, non-protected site. I want all active directory users to have access to the site. This is not an intranet site, it is exposed to the internet.
I tried setting it up using Windows Authentication, but I had problems with multiple login prompts, etc. I just want a simple form for users to enter their credentials and have access to the site, and I need it to query the AD for login.
I've searched the web for a guide on this, but I can't seem to find one that fits my situation. This is not a Web App. It is just a simple html site.
Does anyone have any suggestions or a link to a guide on this?
Thanks so much! -LB
More posts by @Turnbaugh106
2 Comments
Sorted by latest first Latest Oldest Best
Even if you are not using ASP.NET web forms you can use ASP.NET Web Forms authentication as the site is hosted by IIS.
If your web.config you can specify directories that require authentication, and can scope that authentication to whatever users or groups you want:
<configuration>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
</forms>
</authentication>
<!-- This section denies access to all files in this application except for those that you have not explicitly specified by using another setting. -->
<authorization>
<deny users="?" />
</authorization>
</system.web>
<!-- This section gives the unauthenticated user access to the Default1.aspx page only. It is located in the same folder as this configuration file. -->
<location path="default1.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
<!-- This section gives the unauthenticated user access to all of the files that are stored in the Subdir1 folder. -->
<location path="subdir1">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
</configuration>
If you are able to use PHP there is a very simple solution to protect a single page: www.totallyphp.co.uk/password-protect-a-page
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.