Forms authentication to enter a static website

2 Apr 2005 5:48 AM

Scott Bass

We have designed a simple forms authentication ASP.Net 1.1 application to access an existing static website (thousands of .htm pages). The application authenticates against a SQL server. Also, the authentication ticket is not setup to be persistent. The application works great as long as we access .aspx or any .Net extension. Even though I have entered a Application Extension Map for .htm to the aspnet_isapi.dll, after the first login, the forms authentication does not function for the .htm files. Now, if you quit the browser session and then start up a new session and go to a .aspx page or any page with a .Net extension, the login starts working again. It's real evident that the authentication ticket/cookie is working just fine for the .aspx files but not the .htm files. This occurs on both Windows 2000 and 2003. Help!!!

Microsoft has had this for over a week and can't provide any answers. Any help will be appreciated. Thanks very much.

Scott

___
Newsgroups brought to you courtesy of www.dotnetjohn.com

2 Apr 2005 1:20 PM

Nicole Calinoiu

Scott,

A couple of things to verify in your ISAPI mapping:

1. Have you mapped both .htm and .html extensions?
2. What HTTP verbs did you include in the mapping? (Absolute minimum
should probably be GET and POST.)

If the ISAPI mapping isn't likely to be the root of the problem, the next
thing to check would be the HttpHandler used for HTML files. To do this,
you'll need to verify the configuration\system.web\httpHandlers nodes of the
machine.config file and any relevant web.config files. HTML files (by .htm
and .html extensions) should probably be handled via the StaticFileHandler
in your case. This is the default handler for GET requests, but it could be
that your config files are already set up for non-default behaviour.

If you can't find any problems with the above settings, could you please
provide further details of both your IIS and ASP.NET authentication,
authrorization, and impersonation configurations?

HTH,
Nicole

Show quoteHide quote

"Scott Bass" <aspneth***@insurancewholesalers.com> wrote in message
news:u56Lpe0NFHA.3076@TK2MSFTNGP14.phx.gbl...
> We have designed a simple forms authentication ASP.Net 1.1 application to
> access an existing static website (thousands of .htm pages). The
> application authenticates against a SQL server. Also, the authentication
> ticket is not setup to be persistent. The application works great as long
> as we access .aspx or any .Net extension. Even though I have entered a
> Application Extension Map for .htm to the aspnet_isapi.dll, after the
> first login, the forms authentication does not function for the .htm
> files. Now, if you quit the browser session and then start up a new
> session and go to a .aspx page or any page with a .Net extension, the
> login starts working again. It's real evident that the authentication
> ticket/cookie is working just fine for the .aspx files but not the .htm
> files. This occurs on both Windows 2000 and 2003. Help!!!
>
> Microsoft has had this for over a week and can't provide any answers. Any
> help will be appreciated. Thanks very much.
>
> Scott
>
>
> ___
> Newsgroups brought to you courtesy of www.dotnetjohn.com

4 Apr 2005 11:01 PM

Scott Bass

Nicole,

Thanks very much for your response. Modifying the httphandlers was
exactly what I needed. Instead of the StaticFileHandler though, I used
the PageHandlerFactory (just as a first shot) and it worked great. I
will be trying the StaticFileHandler though because I also have some
.pdf, .jpg, and .exe to deal with. While I modified the httphandlers in
the machine.config, I will be working to make the additions to just the
web.config.

Working with the httphandlers is something new to me but the more I get
into them the more sense it makes. But, for now, I'm on the right track
and actually making some progress. Thanks again for your input, I
really appreciate it.

Scott

*** Sent via Developersdex http://www.developersdex.com ***