Password protection for some page

Question

4.00/5 (1 vote)

See more:

I wont to protect our site only asp.net pages not all the site but when i protect through webconfig file then its protect my domain i.e when browse my site then ask password that i don't wont here i place our code which i use webconfig file

XML

<authentication mode="Forms">
      <forms loginUrl="~/upload/Default.aspx">
      </forms>
    br mode="hold" />    <authorization>
      <deny users="?">
    br mode="hold" /></deny></authorization></authentication>

and my Default page code is

C#

protected void Login1_Authenticate(object sender, System.Web.UI.WebControls.AuthenticateEventArgs e)
 {
     string username;
     string pwd;
     string CurrentUser = "";
     string CurrentPwd = "";
     bool LoginStatus = false;
     username = Login1.UserName;
     pwd = Login1.Password;
     XmlDocument xd = new XmlDocument();
     xd.Load(Server.MapPath("~/App_Data/AllUser.xml"));
     XmlNodeList xnl = xd.GetElementsByTagName("User");
     foreach (XmlNode xn in xnl)
     {
         XmlNodeList cxnl = xn.ChildNodes;
         foreach (XmlNode cxn in cxnl)
         {
             if (cxn.Name == "username")
             {
                 if (cxn.InnerText == username)
                 {
                     CurrentUser = username;
                 }
             }
             if (cxn.Name == "password")
             {
                 if (cxn.InnerText == pwd)
                 {
                     CurrentPwd = pwd;
                 }
             }
         }
         if ((CurrentUser != "") & (CurrentPwd != ""))
         {
             LoginStatus = true;
         }
     }
     if (LoginStatus == true)
     {
         Session["UserAuthentication"] = username;
        Session.Timeout = 1;
         FormsAuthentication.RedirectFromLoginPage(username, true);
     // Response.Redirect("upload.aspx");
     }
     else
     {
         Session["UserAuthentication"] = "";
     }
 }

Posted 10-Mar-11 18:57pm

vineesha

Updated 10-Mar-11 19:52pm

Sandeep Mewara

v3

Add a Solution

Comments

Albin Abel 11-Mar-11 1:29am

how you want to protect a particular page? Say if user want to access a page then it ask for use name and password? Is it for every time or once in a session. Clearly explain your problem, then you have more chances of getting the answer

vineesha 11-Mar-11 3:50am

In my site has a intro that is the index page but after protected pages it is not working.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

senguptaamlan · Answer 1 · 2011-03-10T19:33:00

Solution 1

use the following approach

XML

<location path="<the path you want to bypass authentication>">
        <system.web>
            <authorization>
                <allow users="*"/>
            </authorization>
        </system.web>
    </location></location>

in the web.config file

Posted 10-Mar-11 19:33pm

senguptaamlan

Updated 10-Mar-11 22:21pm

v2

Comments

vineesha 11-Mar-11 3:51am

I don't to allow all page for all user In my site has a intro that is the index page but after password protection it is not working.

senguptaamlan 11-Mar-11 4:25am

Group the pages in which you don't want the user to be autheticated in a folder, and place the relative path the the "path" value section.
Secondly I believe the intro contains a flash file or anything which is also getting restricted by the authentication, so detect the resource file and place it in a directory and create another location tag, just like stated one to by pass authentication for the directory.

senguptaamlan 11-Mar-11 5:43am

does it solves your problem ? If yes, please mark the thread as answer