| Author |
 Topic  |
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
 Posted - 30 June 2010 : 14:53:44
|
I have a "members" folder that requires a login to access the pages in there. (the UN's and PW's are authenticated from the DB for the forum)That works well and has no problems. The problem is.. if I create a folder inside the members one, whatever I put in there can be accessed without login... ie: here or here am I missing something??
Dave |
No good at coding, but I can plough a field !! |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
Posted - 30 June 2010 : 16:53:00
|
Web config
and Class1.vb that's in App Code (that you supplied Huw)
Having a little play around it seems that everything that ends .aspx is protected but every other extension isn't.
Dave |
No good at coding, but I can plough a field !! |
 |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
Posted - 30 June 2010 : 18:16:49
|
Thanks Huw
it all makes sense now
Dave |
No good at coding, but I can plough a field !! |
|
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
Posted - 01 July 2010 : 18:06:26
|
I have a minor problem...
My host has done the mapping and I have created an httphandler (handler.ashx) residing in app_code
I have in my web config...
<httpHandlers>
<add verb="*" path="*.doc" type="App_Code.DocHandler"/>
</httpHandlers>
but am getting an error...
Parser Error Message: Could not load type 'App_Code.DocHandler'.
any ideas?
Dave |
No good at coding, but I can plough a field !! |
|
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
Posted - 02 July 2010 : 02:51:23
|
Yes Huw, I have tried a few things there but all return the parser error so I was assuming it maybe a problem with the handler?
I had a google around last night and although there are a few variations on the handler, the generic one that is created using VWD 2008 express is the one that brain dead's like me seem to use.
as a matter of interest... if I created a handler, modified the webconfig and uploaded it to the webserver, if the iis wasn't mapped correctly would an error be thrown up or would it just not work?
Dave |
No good at coding, but I can plough a field !! |
|
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 02 July 2010 : 03:37:03
|
if iis wasn't mapped correctly it would either try to download the file or give a 40X error of some sort.
ok, your problem is that you have created a handle file (ashx) when what you really need to do is create a httpmodule, ashx files expect to be called in the same was as other asp.net files what you actually want is a httpmodule wich will basically trap any .doc files (either that or you need to add a rewrite rule to map all *.doc requests to your ashx file. try renaming your ashx file to a .cs file it should then recognise it as a handler type rather than a handler file
sorry if I haven't explained that too well :)
you will need to remove the webhandler tag from the top of the file too |
MVC .net dev/test site | MVC .net running on Raspberry Pi |
|
|
|
thermal_seeker
Junior Member
United Kingdom
430 Posts |
Posted - 02 July 2010 : 18:26:00
|
Thanks Huw, and you explained it well enough 
I have been working on it (on and off) all day and getting error upon error. (the first one being I renamed the ashx file to .cs and the site is in vb!!... doh)
I stumbled across something this evening that doesnt require a class file, ashx file etc. it uses an inbuilt static file handler. All that is needed is a line in webconfig.. within the httpHandler tags
<add verb="*" path="*.pdf" type="System.Web.StaticFileHandler" />
it seems to work but I'm not sure if it's 100% correct (correct may not be the right word?)
your views would be appreciated
Dave |
No good at coding, but I can plough a field !! |
|
|
| |
Topic |
|
A protection problem
