Redirect to a page secured by basic authentication from a non-secure page?
Hello,I am working on an ASP.NET 2.0 webapp which is secured via our own mechanism which is similar to forms based security.  Thus, the web application itself has anonymous authentication enabled.However, our help site, a straight html app that is low sensitivity, but sensitive enough that we want to prevent the casual browser from viewing it, is secured via Basic Authentication.The question is, is there some way by which our main application can perform a redirect or transfer to the help site w/out prompting the user for credentials? Basically, what happens is that ther...

Trouble with custom error page when using secure and non-secure pages
Hi.I have an application which requires a secure channel for just certain pages.  I was able to do this selectively in IIS with no problem, except that the (non-secure) custom error page I defined in my web.config no longer works.    It wants me to authenticate (even though these pages are set to allow anonymous access), after which I'll get  an HTTP 401.2 error: "You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configur...

What are the best practices for using master pages on websites that serve both secure and non-secure pages?
I have been assigned a task to cleanup an application that is using a master page that is shared by all pages (secure and non-secure). Secure pages are stored in a sub folder "/Secure"  They have used a mix of relative and absolute urls and paths on the master page, and all absolute urls use http (not https). That is causing the secure pages to display the "this page contains both secure and on-secure items..." They have also copied most all images to a folder inside "/Secure" so that the reliave image paths on the master page keep working wither th...

Page not running in Secure Page
hi all, I have some secure pages, which are run a secure site , assumed "https://securesite/page.aspx" problem is that, my all other Un secure pages run fine, but my secure page not run fine.In depth. when i go to "https://securesite/page.aspx", it open correctly , validations also run, but when i click on submit button.... not any action performed.. it all happened in IE 6.0, but in other browser like Opera and Mozilla... it run fine...... Any idea for that.. thanx in advance SajjadPlease Mark as Answer, if the post Solve your Problem__________________________Regards,Sajjad RizviC U ON...

Securing content on a page, not the page itself
Forms authentication is good for securing a page, but what about securing content on a page dependent on whether the user is logged in or not?  For example, on a forum you may want to hide the 'Add Post' button if a user is not authenticated. So, how is this possible?  I was thinking of using the 'IsAuthenticated' property to show/hide certain page elements.  For this to work, my forms authentication would have to allow access to all users, but only show certain elements once they had logged in. Is that the way to do this sort of thing in ASP.NET? Yes. To hide parts of the...

Securing the urls to the secure pages
I write in the address bar: localhost/MyWebsite/Admin/securepage.aspx And I am able to see it. It there anyway that I can make this folder "Admin" secure. HighOnCodingWanna get high! Use forms authentication and don't allow annonymous access to that folder. This can easily be done by making few changes in web.config file Hope this helps Sunny NAGIProper Preparation Prevents Poor PerformanceDont forget to click "Mark as Answer" on the post that helped you....

Paging Paging Paging
I am trying to do paging with my search results and it isnt working very well. Here is what I've tried and I feel I've tried everything, lol, please help me out. Sub DataGrid1_SortCommand(Sender as object, e as DataGridSortCOmmandEventArgs) DataGrid1.DataBind() End Sub Sub Datagrid1_PageIndexChanged(Sender as object, e as DataGridPageChangedEventArgs) Dim ds as dataSet DataGrid1.CurrentPageIndex = e.NewPageIndex if Session("Search") is nothing then 'Session probably has expired, get the datasource from database Datagrid1.DataSource = ...

I have a secured folder with some pages in it but the master page that created them is not. Results, my pages in the folder are not displaying right
I have a secured folder with some pages in it but the master page that created them is not. Results, my pages in the folder are not displaying right. For instance, all of the background images and color is not showing up.  I am guessing the problem has something to do with the path of the pages and images.  I am trying to have some secure pages in a secure folder but I want the login page outside the secured folder. All of these pages are made with a master page that is not in the secured folder.Can anybody tell me how to do this properly that way all my pages design is shown ...

Accessing secure page from trusted page
Hi all, I've got a web site for my company where in order to acceses it you need to log in first. Some of the company's clients have their own web sites (in which they also have to log in first). How can I create a link in their web page (which is a trusted source) so that when they click it they will be directed to one of our web pages without having to log into our website? Hi This is a complicated issue. You can't put credentials into the querystring, as the link could be passed to someone else: http://blog.searyblog.com/blog/_archives/2006/3/31/1852124.html Federation is a p...

secure and not secure IE page errors
--____BGXPEBXXQTCXYCXVWDWQ____ Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; modification-date="Wed, 12 Feb 2008 06:46:16 -0700" We have the user app running SSL with a thawte certificate and have had no = problems until we started doing workflows, etc. IE throws mixed content errors (this page contains secure and not secure) = when clicking on anything under the Requests & Approvals tab. In fact just = clicking on the Requests & Approvals tab throws the error. Firefox works = fine! H...

Mixing Non-Secure + Secure Pages??
Back in November I was describing a problem I was having when switching my application from non-secure mode to secure mode. I finally had a chance to look into the problem and discovered what is causing my problem! My IW application has 8 pages (forms) and the first 6 need to be in non-secure mode. The last two require secure mode. In IW10, I could accomplish this my just calling: WebApplication->SwitchToSecure() from a non-secure page and then show my page requiring secure mode. In IW 12, this DOES NOT WORK!! What happens is IW starts a new session. If I start my session in se...

secure and unsecure pages from the default page
Hi everyone, I want to create an internet site and from the default page be able to both (1) login securely and view secure pages, and (2) navigate to public pages (without having to login). I was thinking of using Forms Authentication, with SSL for part (1).  I can get this part working ok, but am a bit stuck as to how to get to unsecure pages from the default page. In the web.config file I have –              <authentication mode="Forms">         &nbs...

security message("page contains secure and non secure items") coming on https: site
Hi we have developed a site and url of that site begins with https . Now everwhever page loads it gives a security message that " page contains secure and non secure items'. We donot want this message to come on our site. I read a few articles saying that my image should come from relative path or I should use css classes for images or there should not be any http url in my page. I have implemented these solutions also but still my page is giving this security message.   If any body could tell me how to avoid this message.   A lot of thanks in advance..  ...

Sessions and going between secured and non secured pages
Hi,I am working on a site where I am using ssl and forwarding users from a non secured page to a secured page for credit card processing. When I redirec to the https page it losses all session data.In php I save the session as a cookie and then call in that cookie and reset the session once in the https part of the site. I don't know how to do this in asp.net vb. Also I don't even know if this is the best approach. I googled a few things and couldn't find a way to save the whole session or anything.  I found that asp.net is not supposed to loss the session but I we...