MonoX support board

Start the conversation, ask questions and share tips and solutions with fellow developers.

Non-registered users can only browse through our support boards. Please register now if you want to post your questions. It takes a second and it is completely free. Alternatively, you can log in without registration using your credentials at major sites such as Google, Microsoft Live, OpenId, Facebook, LinkedIn or Yahoo.

Lock entire site to unregistered users -- HELP!!  (Mono Support )

Viewed 12523 time(s), 4 post(s) 5/9/2012 1:20:17 PMby pevans
pevans

pevans

5/9/2012 1:20:17 PM
I want to lock my entire site, unless you are logged in. If you are not logged in it needs to redirect to the login page. I added the deny users line in the web.config file but then I get the following error:

HTTP Error 404.0 - Not FoundThe resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

<authorization>
   <allow verbs="enterSharedScope, modifyState" roles="Administrators,Users" />
      <deny users="?" /> <!-- Added this to lock entire site -->
</authorization>

Does anyone no what I did wrong or what I need to do to accomplish this? Thanks in advance
This content has not been rated yet. 
42 Reputation 3 Total posts
shawndg

shawndg

5/9/2012 2:04:00 PM
I dont know if you can do it just by using the web config..

I think you would likely need to add your own custom master page and inside that write your deny logic..

Basically deny all pages but the login..

something like this I think..

using System;
using System.Collections.Generic;
using System.Web;
using MonoSoftware.MonoX.Utilities;

namespace TheScene.Web.MonoX.MasterPages
{
public class ThePittsburghSceneHeader
{

protected void Page_Load(object sender, EventArgs e)
{

//below code needs adjusted not sure how to do this with monox..
if ( this.Request.Url.ToString() != "login.aspx")

Guid userId = Guid.Empty;
userId = SecurityUtility.GetUserId();

if (userId != Guid.Empty)
{
//used logged in dont deny and redirectt.
}
else
{
//user not logged in redirect to login.aspx.
}

}

}


}
This content has not been rated yet. 
1871 Reputation 252 Total posts
khorvat

khorvat

5/9/2012 3:17:09 PM
Hi,

yes you can accomplish this with only the web.config by setting the following (Not using the WebPart authorization tag but System.Web one):
<system.web>
...
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>
...
</system.web>

Regards
Rated 5.00, 1 vote(s). 
15993 Reputation 2214 Total posts
pevans

pevans

5/9/2012 3:56:16 PM
Thank You so much that is exactly what I needed. I didn't realize that WebParts had authorization as well. I have never used them before.
This content has not been rated yet. 
42 Reputation 3 Total posts