http authentication

hey all,

is it possible to add http authentication to asp.net?
so i can login using http://username:password@name.com
i want to store usernames and passwords in a database ... i dont want to configure iis for every user ...
its very easy in php (example in php below)

is this possible in ASP.NET ... if yes, how ?
thanks
<?php
// File Name: auth01.php
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Private Stuff"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
}
// If not empty, display values for variables
else {
echo "
<P>You have entered this username: $PHP_AUTH_USER<br>
You have entered this password: $PHP_AUTH_PW<br>
The authorization type is: $PHP_AUTH_TYPE</p>
";
}
?>



0
zertox
3/14/2003 3:08:01 PM
asp.net.security 27051 articles. 1 followers. Follow

2 Replies
762 Views

Similar Articles

[PageSpeed] 45

I suppose you could code it so that your login.aspx page looks for querystring variables and then parses them and validates against a user file data source.


~Brad Kingsley
MCSE, ASPInsider


www.orcsweb.com

Powerful Web Hosting Solutions
#1 in Service and Support

0
sbradk
3/15/2003 12:43:33 PM
Yes.  Just do the same as you'd have done in PHP

Response.Clear();
Response.StatusCode = 401;
Response.AppendHeader("WWW-Authenticate", "Basic realm=\"Password Protected Area\"");
Response.Flush();
Make sure to disable Windows Authentication in IIS or it will capture all the authentication requests ahead of you.
To look at the Username & Password of somebody logged in, read Request.Headers["Authorization"]
The data is Base64 encoded so use the Convert.FromBase64String() Method to decode it back to ASCII.
Hope this helps!
0
starlite
11/15/2003 7:06:24 AM
Reply:

Similar Artilces:

Net::Netrc for HTTP authentication
Has anyone thought of trying to hook together Net::Netrc and LWP so that people can keep HTTP authentication data in .netrc files? I figure it's not totally obvious (to me at least) how to wedge in the realm name and port number, but I can't think of notable problems besides that. Anyone? -- Sean M. Burke http://www.spinn.net/~sburke/ ...

New Security Tool for .NET Authentication
Hi, Here Piseth, Introduce you a new tool new most Valuable tool for .NET Authentication and Security. Authentication Made easy, no code required. MVPD - Visual Guard, Simple Steps, Hight Security and Authentications Levels  Also you can Check out the Post Review of Most Valuable Products foe Developer ( MVPD ) http://weblogs.asp.net/piseth/archive/2008/10/06/most-valuable-products-for-developers-first-review.aspx   Thanks...

How to use HTTP protocol in .Net Remoting? Thanks and Regards,How to use Http protocol in .net Remoting
<>Hi,     <><>How to use HTTP protocol in .Net Remoting ? Is there any specific code bits requires for that ?    I am using TCP protocol it's working but when i change it to  HTTP it throwing an error like "Arugument null exception"<>  Could  anybody give samples for that? Thanks & Regards,Vijay Here is an example of HTTP remoting:http://msdn2.microsoft.com/en-us/library/system.runtime.remoting.channels.http.httpchannel.aspxCheers,       Kev...

http proxy authentication (SSO) cant hit pages inside net from out
im running a bordermanager proxy server within our regional network (behind another firewall) behind that bordermanager is a webserver, i have the dns address pointed to a public ip that is natted to the internal address of the server, this server is also behind the bordermanager proxy server. the bordermanager is using using HTTP Proxxy authentication and single sign on through SSL. the outside interface of the bordermanager is picking up the traffic before routing it to the web server, and requires you to login through because of the proxy authentication. should this work f...

Security Error: Content at http://googleads.g.doubleclick.net/ may not load data from
e.g., "Security Error: Content at http://googleads.g.doubleclick.net/ may not load data from http://example.com" Does anyone have an explanation for these entries in the Firefox Error console. I have searched with Google but can find nothing but questions and speculation. -- ***************************** Chuck Anderson • Boulder, CO http://www.CycleTourist.com Turn Off, Tune Out, Drop In ***************************** On 11.02.2009 00:20, CET - what odd quirk of fate caused Chuck Anderson to generate the following:? : > e.g., "Security Error: Co...

An open letter to Gervase Markham, re http://www.gerv.net/security/self-signed-certs/
(Prior reading material: http://www.gerv.net/security/self-signed-certs/ ) There's a fourth situation, in your treatise, that you don't address, and don't even acknowledge. You dismiss the most obvious situation why someone might want to run self-signed certificates: When that someone, herself, is the certifier. (i.e., that particular someone knows, outside of what Firefox has available to report, that the site is legitimate.) Many network appliances (including, but not limited to, NetApp equipment), have a command which is used to set up TLS. Generating the TLS key...

Fwd: IETF BoF @IETF-78 Maastricht: HASMAT
FYI... - Bil -------- Original Message -------- Subject: [http-state] IETF BoF @IETF-78 Maastricht: HASMAT - HTTP Application Security Minus Authentication and Transport Date: Wed, 09 Jun 2010 15:41:42 -0700 From: =JeffH <Jeff.Hodges@KingsMountain.com> To: IETF HTTP State WG <http-state@ietf.org> Hi, We will be hosting the "HTTP Application Security Minus Authentication and Transport (HASMAT)" Birds-of-a-Feather (BoF) session at IETF-78 in Maastricht NL during the week of July 25-30, 2010 (see [0] for mailing list). The purpose of IETF BoFs is to de...

http://pb2.forenshop.net/cgi-bin/forenserver/foren/F_2359/cutecast.pl <a href="http://pb2.forenshop.net/cgi-bin/forenserver/foren/F_2359/cutecast.pl">Christmas gifts</a> Christmas gifts
Name: Christmas gifts Email: Christmas_at_gifts.com Product: Bon Echo Summary: http://pb2.forenshop.net/cgi-bin/forenserver/foren/F_2359/cutecast.pl <a href="http://pb2.forenshop.net/cgi-bin/forenserver/foren/F_2359/cutecast.pl">Christmas gifts</a> Christmas gifts Comments: ...

I need exmaples of Http Pipelining and Http Authentication
HI, all I am preparing an appliction for which, I want to know hwo the authentication(Basic and Access )will go under our WINDOW's authentication., and I want to test/know how HTTP Pipelining works in ASP.Net, I have to prepare testcase document on this, Please help me, Thanks,Pashi this is how asp.net does its work http://www.west-wind.com/presentations/howaspnetworks/howaspnetworks.asp you will want to research httpmodules and httphandlers and perhaps isapi filters the article should clarify some things, doing an httpmodule and an httphandler should perfect it have a good day...

(IN)SECURE Magazine from Net-Security (PDF download)
A little more light reading :-) Latest issue, #13: http://www.net-security.org/insecuremag.php (86 pages, with ads [not animated ads] - like a printed magazine) Archives of past issues: http://www.net-security.org/insecure-archive.php ISSUE 13 (September 2007) * Interview with Janne Uusilehto, Head of Nokia Product Security * Social engineering social networking services: a LinkedIn example * The case for automated log management in meeting HIPAA compliance * Risk decision making: whose call is it? * Interview with Zulfikar Ramzan, Senior Principal Re...

HTTP XML POST .NET
Hello,I am using the following code to HTTP post an xml file to third party server. Now I believe I am able to send the file correctly but I need to pass a HTML input field value of type hidden as well with it. If I use a simple HTML interface as shown below I am successful:<form enctype="multipart/form-data" action="https://myurl" method="POST">  <input type="hidden" name="MyFieldName" value="myvalue">  <input type="file" name="Myfile">  <br/>  <input type="submit"></form>I want to simulate the exact thing in my .NET code. I am confuse...

Http:// and Http:// ?!
Hi, How can I change https:// to http:// or vice versa in the VB.NEt or C#?Thanks, If your simply trying to alter the string you could do something like this:strURL = "https://..."strURL.Replace("https", "http")End result here should be "http://..."...

HTTP Authentication
------=_NextPart_000_0110_01BF2BA8.3F4A5780 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I've tried to autenticate with this code: #!/usr/bin/perl print "HTTP/1.0 401 Authentification Required\n"; print "WWW-Authenticate: Basic realm=3D\"FOO\"\n"; print "Content-type: text/plain\n\n"; print "<HTML><BODY>Hi</BODY></HTML>"; =20 but this code not work....any sugestions, and, when i'll autenticate the = clients, how can i catch the user (w...

Security in .NET
hi All, I m make a application, here, user can view some page or some not, So which type of security i can use, Page Level security means, every time when page,this check user is valid or not, or User level, means every time user login, check those pages user can visit. which type of tecnique is best regarding security and performence... plz discuss in detial thanx in advance Sajjad Please Mark as Answer, if the post Solve your Problem__________________________Regards,Sajjad RizviC U ON NETreply me : sajjaddotnet@yahoo.com Windows authentication  - for intranet scenarios. F...