Form Authentication and Windows Authentication

Form Authentication and Windows Authentication

  
hi

we have Form Authentication and Windows Authentication in .Net.Similarly how we use this two process here.I studied some links.But i have some problem.so please send some links of understanding these process .

thanks
Hi Devaraj,

Check this video, it might help you out! Once again, this kind of integration is based on Enterprise Manager - if you're not using it, you'll have to implement it on your own.

Regards,

Paulo Tavares
hello Paulo.

Thanks for your  Reply.My Requirement is In my Application when the user Login i show the Files(jpg,pdf) using Iframe based on the LoginUser.In DB i have a path of the Folder\Files and also in Corresponding path(system) i have files.When i run the application it shows the path of the (downloading) file  http://localhost/Testapplication/Foldername/Filename.jpg in status bar.Now without login into the application i use that link the file was opened.How to Restrict this process.Here i m not using the Enterprise Manager and also i asked this question and the Reply is not helpful for me.

Can you please tell Is there any to restrict the folder access?

Thanks
Hi Devaraj,

If you look into your file path, that's the exact problem: you're trying to restrict access to a specific file in IIS, through the application.

Since when you request http://localhost/Testapplication/Foldername/Filename.jpg you're making a request to IIS, and IIS handles it directly, if you want to restrict its access, the only way I see it being done is by configuring IIS. See if this article helps you, as an example of what you should be looking into.

If you want to control the access through an application, the file should be returned by an application page itself, that performs all the access control logic in the preparation action, and if it's ok to proceed, returns the content through a Download node.

For instance,
http://localhost/Testapplication/downloadFile.aspx?Name=Filename.jpg is a good example of such a file path, provided that you have a page called downloadFile which performs the logic I mentioned.

Notice that here you're accessing the ASPX file - the application file, which returns - while in your previous case you're accessing the file itself in IIS. The permission handling in this case is done by the application, while in your case it's being handled by IIS.

I hope this helps.

And by the way, the reason I mention Enterprise Manager is because Windows Authentication in the OutSystems Agile Platform is handled directly in Enterprise Manager. Since you asked for "Form Authentication" and "Windows Authentication", that was the clearest cut path for you to do what it seemed you were asking.

Regards,

Paulo Tavares