IIS7 Windows Authentication
90 views
Skip to first unread message
Taylor Lilley
Oct 1, 2010, 7:00:10 PM10/1/10
to SWFUpload
This is a continuation of http://swfupload.org/forum/generaldiscussion/427
I was having this same problem. After quite a bit of mucking about in
hyperspace, here's what I came up with.
1. Leave Windows Authentication enabled in IIS7
2. Configure authentication in the web.config like this
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
3. Add a location element for the upload page where you are using
swfupload
<location path="MySWFUploadPage.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
Make sure you test this to insure that it still gives you the security
you want. Allowing anonymous access to your upload page may night be
what you want. However, I tested this and when I changed the
authorization tag to look like this...
<authentication mode="Windows" />
<authorization>
<deny users="MyDomainName\MyUserName" />
</authorization>
I was prompted with a windows credentials dialog. So, it seems that
the upload page is still protected by windows auth with this config.
Not what I expected, but it's what I got.
Hope this helps somebody.
-T
I was having this same problem. After quite a bit of mucking about in
hyperspace, here's what I came up with.
1. Leave Windows Authentication enabled in IIS7
2. Configure authentication in the web.config like this
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
3. Add a location element for the upload page where you are using
swfupload
<location path="MySWFUploadPage.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
Make sure you test this to insure that it still gives you the security
you want. Allowing anonymous access to your upload page may night be
what you want. However, I tested this and when I changed the
authorization tag to look like this...
<authentication mode="Windows" />
<authorization>
<deny users="MyDomainName\MyUserName" />
</authorization>
I was prompted with a windows credentials dialog. So, it seems that
the upload page is still protected by windows auth with this config.
Not what I expected, but it's what I got.
Hope this helps somebody.
-T
Rajesh Chauhan
Jul 1, 2013, 4:30:51 AM7/1/13
to swfu...@googlegroups.com
Hi,
Thanks for sharing the issue. However, I have put the same setting in my web.config file for swfupload still i am getting the 401 error( 2038 code) in my mvc application.
Is there any other setting for the same?
Reply all
Reply to author
Forward
0 new messages