|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Blocking hyperlink access to 'secured' websiteWe deployed an intranet web application on a Windows Server 2000 with ASP.net 1.1. The application accepts connections via Integrated Windows authentication from users in a defined NT security group. The Anonymous access is disabled including the anonymous userid. This works well when users (with permission) access the app via the 'front door' so to speak (i.e. default URL) however, users without permission appear to be able to access the application via a 'back door' (i.e. directory hyperlink) if they are sent the link from someone who has access (though not related in any way of course). My question is obvious, how can we establish security on all directory levels? Thanks in advance for any insight. rjcmbc 
Other interesting topics
Problem with RSA.ImportParameters() under ASP .NET
AuthenticateAsServer/AuthenticateAsClient ProtectionLevel and iden Issues With User Control Embedded Into Web Page Since Installing .NET 2.0 CryptoAPI moving .net containers Encyption Translate BUILTIN to domain name NEED Solution for .NET 2.0 mscorcfg.msc w/o SDK impersonation in vb.net Caspol - Normal User |
|||||||||||||||||||||||
