rbaldwin
Posts: 172
|
Posted: 03/11/2014, 3:32 PM |
|
i have an intranet site running on IIS 6 working fine, but when i moved it to IIS 7.5 i have an issue with Codecharge security model when the browser is Not IE
CCS 4.3, asp.net
The site as a folder structure that looks something like:
/
/admin
/other
pages in the root folder and in the /other folder are open to "Authenticated Users" i.e. Windows authenticated users and the pages themselves are not restricted.
the pages in the /admin folder are all restricted to admin users.
So, in the projects properties, i have security model set to table and i have a users table etc.
Like i said iis 6 worked as i expected, users could go to any root or /other report and no login screen, a /admin page and the first time they got prompted for login in all browsers
On iis 7.5, IE users still experience correct behaviour
However Chrome users, can get to pages in the root folder. but any page in any other folder
results in endless redirects.
Any thoughts?
|
|
|
eratech
Posts: 513
|
Posted: 03/11/2014, 9:23 PM |
|
I'm not sure of the IIS 6->7.5 difference (but there might be something changed) but I'm always mucked up with Windows vs Forms Authentication with non-IE browsers.
When you say the 'login screen' do you mean the CCS one, or the browser popup (usually for Windows authentication)?
I'll try setting up an IIS 7.5 and see what I can break...Um... discover....
Eric
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia |
|
|
rbaldwin
Posts: 172
|
Posted: 03/12/2014, 6:39 AM |
|
Eric, thanks for taking a look
i'm refering to the CCS login page. And in my case the login page is in the /admin folder. As well, i'm doing a silent login with the login event i have below.
This is an Intranet Site and all users are windows users. I have 3 types of users
Admin - have access to the /admin folder
User – have access to /restricted folder(s)
Everyone else – these users are not in my CCS security user table – and have access to /root and other folders that do not have restricted access
The login column in my users table is populated with window’s logins. I only have rows populated for Admin and User.
In my login page, I have
'Record Login Event BeforeShow. Action Custom Code @11-73254650
'Get windows domain/login
Dim CurrentUser as String = lCase(Request.ServerVariables("LOGON_USER"))
Dim myUserPassword as String = CurrentUser ‘
‘check if CurrentUser is in user table
If DBUtility.CheckUser(CurrentUser, myUserPassword) Then
dim admin = Settings.Connection2DataAccessObject.ExecuteScalar("SELECT adminGroup FROM [$_SIVMS_users] WHERE login='" & CurrentUser & "'" )
‘if user is admin then send to admin menu else to the landing page
if admin = 1 then
Response.Redirect(“adminMenu.aspx”)
Else
Response.Redirect(“../landingPage.aspx”)
end if
else
‘if user is not found in user table send to the landing page
Response.Redirect(“../landingPage.aspx ")
End If
'End Record Login Event BeforeShow.
|
|
|
eratech
Posts: 513
|
Posted: 03/13/2014, 12:24 AM |
|
I haven't set up the IIS test yet, but looking at your code, it seems very similar to something I was trying a few years ago on one of my sites. We didn't get it working properly then.
We ended up using the normal site web.config in / (root) and used Windows authentication with a separate web.config in the /subfolder.
Some thoughts - could you be getting the same authentication request when you access the /admin or /restricted folders (ie: is the web.config at the higher level cascading down and causing some sort of confusion?)
I'm sure you've googled, but this looks interesting for IIS 6-> IIS 7 differences http://www.iis.net/learn/get-started/whats-new-in-iis-7...iis-7-and-above
E
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia |
|
|
rbaldwin
Posts: 172
|
Posted: 03/13/2014, 2:51 PM |
|
Thanks again Eric, you clued me in to the possiblity of unique web.config files per folder - didn't know i could do that. I think that is one way to fix my problem, but i think another that i'll try is one web.config with multiple location elements. each with appropriate <authentication> sections for the respective path.
<configuration>
<location path="Page1.aspx">...</location>
<location path="Page2.aspx">...</location>
<location path="Page3.aspx">...</location>
</configuration>
i havn't needed to fiddle with web.config much so i have some tinkering to do.
|
|
|
|