Reputation: 21
Web Protect ASP.NET Website
Is there a way to web protect ASP.NET website so it asks user for username/password to view?
I've been told that this should go in web.config file, but not sure of how to do this, or what should go in there. Any help much appreciated.
Upvotes: 2
Views: 1545
Answers (3)
Reputation: 10115
You should read the Form authentication in this sample article here
Upvotes: 0
Reputation: 4504
If it is an intranet scenario it's quite simple. Add this in your web.config
<configuration>
<system.web>
<authentication mode=”Windows” />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Fastest way for internet applications:
<authentication mode="Forms">
<forms loginUrl="~/login.aspx">
<credentials>
<user name="user" password="password" />
<user name="user2" password="password2" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
You will also need a new page login.aspx with a form where the user can enter his credentials. On the code behind page you then need the following code:
string username = textBoxUsername.Text;
string password = textBoxPassword.Text;
if (FormsAuthentication.Authenticate(username, password))
FormsAuthentication.RedirectFromLoginPage(username, false);
Upvotes: 3
Reputation: 10285
What you want to do is setup Web Authentication on IIS. Check these links:
http://support.microsoft.com/kb/324274
http://support.microsoft.com/kb/308160
http://www.authenticationtutorial.com/tutorial/
Upvotes: 1
Related Questions
- Web development with IIS security
- Password protect ASP.NET web application in IIS 7.5
- asp.net web config security
- Asp.net and security
- Restrict page access in IIS 6.0
- Protect Sub Folder using Web.config file?
- How do you protect a page using a web.config file?
- Securing ASP.Net Website?
- Specific page security on web.config