Securing mixed asp/aspx site

Results 1 to 3 of 3

Thread: Securing mixed asp/aspx site

  1. #1

    Default Securing mixed asp/aspx site

    I&#039;ve looked a bit, and while I believe the answers I&#039;ve found so far, they are not official and I can&#039;t believe it is in the design.<BR><BR>Use web.config to "secure a directory" and the directory is not really secure, only the aspx pages in it. Drop an asp page into the folder and it will display in the browser.<BR><BR>Has anyone found the way to secure classic asp pages,html and images with the Web.Config?<BR><BR>

  2. #2
    Join Date
    Dec 1969

    Default RE: Securing mixed asp/aspx site

    Ya I found out too that ASP.NET only seems to secure aspx and related by default. But you can secure any type of file...jpg, pdf...and I would assume mapping it to the aspnet_isapi.dll<BR>

  3. #3

    Default RE: Securing mixed asp/aspx site

    Mapping asp pages to aspnet will produce most undesireable results.<BR>I&#039;m not really concerned about other file types (jpg,gif,pdf), it&#039;s the idea of using the forms authentification for a site that will be built in asp. The site in asp needs simple authentification.<BR><BR>I&#039;ve found a very effective solution using XMLHTTP and a secure aspx page.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts