http://forums.asp.net/16.aspxDiscuss and debate ASP.NET application designs. <a href="http://aspadvice.com/SignUp/list.aspx?l=8&c=17" target="_blank">Email List</a>enCommunityServer 2007 SP1 (Build: 20510.895)http://forums.asp.net/thread/2608911.aspxTue, 09 Sep 2008 08:11:43 GMT4c671506-2930-414c-a40b-8bf57ded5924:2608911bioscom0http://forums.asp.net/thread/2608911.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=2608911<p>&nbsp;</p> <p>What you can do is to develop a code in your global.asax file, that will have to authenticate a user by a Token, if there is no Token when the site is navigated, the user should nbe redirected to another page.</p>http://forums.asp.net/thread/1785483.aspxTue, 03 Jul 2007 18:55:26 GMT4c671506-2930-414c-a40b-8bf57ded5924:1785483securedwebdevl0http://forums.asp.net/thread/1785483.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1785483<p>I found this topic very interesting, as i am going through the same scenario. </p> <p>To get this scenario of authorization. </p> <p>I created a ASP.NET 2.0 web application to authenticate against an Active Directory and i am providing linkbuttons based on the roles&nbsp;of the&nbsp;athenticated users to navigate them to another website which exists in the internal webserver of our corporate network across ISA server 2006 Firewall.<br />ASP.NET 2.0 exists in DMZ on one side of the Firewall and the internal webserver and Active Directory exists (in corporate network)&nbsp;on the other side of the Firewall.</p> <p>Now the question is: How can i secure the internal website? When the user clicks the linkbutton i need to expose the internal website to that authenticated user and hide or mask the URL which comes up in the address bar, so that user cannot get to the internal website by placing the URL in a new browser window. </p> <p>Can anything be done in the ASP.NET web application?&nbsp; and how the ISA proxy Server Firewall be configured? </p> <p>Please provide any reference or suggest in this regard. Appreciate your help.&nbsp; </p> <p>&nbsp;</p>http://forums.asp.net/thread/1545639.aspxWed, 24 Jan 2007 03:52:34 GMT4c671506-2930-414c-a40b-8bf57ded5924:1545639webdevl0http://forums.asp.net/thread/1545639.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1545639<p>If you run into any issues repost and I will try and help you work through them.&nbsp; If you consider this answered and closed please mark the post as such :).</p>http://forums.asp.net/thread/1545329.aspxTue, 23 Jan 2007 22:45:35 GMT4c671506-2930-414c-a40b-8bf57ded5924:1545329yodhava0http://forums.asp.net/thread/1545329.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1545329thanks, i will give that a try.http://forums.asp.net/thread/1543539.aspxMon, 22 Jan 2007 23:59:25 GMT4c671506-2930-414c-a40b-8bf57ded5924:1543539webdevl0http://forums.asp.net/thread/1543539.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1543539Since this is an internet website and not a intranet site, I would suggest using forms authentication to do user authentication.&nbsp; For communication between the webserver and the sql server you will need to open up the correct ports in the firewall and setup a sql server account for authentication.&nbsp; This account should be a low privilege account and only have permissions on the views and stored procs needed for your website to work correctly.&nbsp;http://forums.asp.net/thread/1543469.aspxMon, 22 Jan 2007 22:48:12 GMT4c671506-2930-414c-a40b-8bf57ded5924:1543469yodhava0http://forums.asp.net/thread/1543469.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1543469<p>THanks for the deployment article pointers. </p> <p>But how would user authentication and authorization work in this setup? How would the app running on the webserver on the other side of the firewall detect and connect to the SQL Server running inside our corporate network within a different domain? </p> <p>&nbsp;</p>http://forums.asp.net/thread/1540912.aspxSat, 20 Jan 2007 21:44:34 GMT4c671506-2930-414c-a40b-8bf57ded5924:1540912webdevl0http://forums.asp.net/thread/1540912.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1540912<p>Debugging Remotely requires specialized setup, which would be difficult to setup within your current environment, so&nbsp; I recommend developing localy and using one of the many different deployment methods built incorporated with VS2005.&nbsp; Here are some links about deployment </p> <p><a href="http://weblogs.asp.net/scottgu/archive/2005/11/06/429723.aspx">http://weblogs.asp.net/scottgu/archive/2005/11/06/429723.aspx</a></p> <p><a href="http://west-wind.com/weblog/posts/5601.aspx">http://west-wind.com/weblog/posts/5601.aspx</a></p> <p><a href="http://msdn2.microsoft.com/en-us/asp.net/aa336619.aspx">http://msdn2.microsoft.com/en-us/asp.net/aa336619.aspx</a></p>http://forums.asp.net/thread/1539988.aspxFri, 19 Jan 2007 19:40:50 GMT4c671506-2930-414c-a40b-8bf57ded5924:1539988yodhava0http://forums.asp.net/thread/1539988.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=16&PostID=1539988<p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">I am working on developing our company’s Internet website. <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">The webserver running IIS 6.0 is located across the firewall in a DMZ in its own Windows domain and I am planning on doing the development from my computer located on our LAN in a different windows domain. The webserver is not dual-homed (only connected to the firewall PIX) and we have not built any trust relations between these two domains as we want to minimize interdependencies for security reasons. Tools to be used are VS 2005, ASP.NET 2.0 and some 3^rd party tools. <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p>&nbsp;</o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p></o:p></span>&nbsp;</p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">Questions are: <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">How do I develop this site from my computer which is in a different domain and on the other side of the firewall? Is this type of development mode even feasible? <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">Or would the best practice be to develop the site locally and then deploy the website project on the webserver via a msi setup package or by using the FTP feature? </span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">How would the user authentication work? <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p>&nbsp;</o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">Any feedback, article links etc. will be much appreciated. <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">Thanks in advance. <o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p>&nbsp;</o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;">-Yodhava<o:p></o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p>&nbsp;</o:p></span></p> <p class=MsoNormal style="MARGIN:0in 0in 0pt;"><span style="FONT-SIZE:10pt;FONT-FAMILY:Arial;"><o:p>&nbsp;</o:p></span></p>