Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN and ServervariablesDNN and Servervariables
Previous
 
Next
New Post
8/13/2013 6:43 PM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
no, there is a difference between file authentication and user authentication. By default asp.net websites files (e.g. images, css, aspx etc.) all have read permissions for all users - as this includes the "anonymous" webuser it means anyone can browse a website and see the pages get loaded. If you want a site to only be accessible to authenticated users (e.g. logged onto your intranet domain) you can remove this read permission (i.e. for IUSR group and the IIS_IUSRS group) and then add in the relevant windows users/groups. Now to even see the site load a user must be either in a group or specified directly. As long as they are, then IIS will automatically load the page - and now that users value (e.g. dotnetnuke\cathal) is available via the logon_user. All of this is separate from authenticating as a website user - in that case the user can log into DNN with the default login and we create a forms auth cookie to track that. Whats entirely optional is that you could install the active directory project and configure it (i.e. set the domain controller etc.) and now when users go to the site they are automatically logged into the website also (if you set it up that way, otherwise they can simply click login and then the windows button) and the Active directory provider will create a DNN user and set some of it's settings to the active directory (AD) one and also synchronise and AD roles with DNN roles with the same name (if, again you have configured the AD provider to do so)
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
New Post
8/14/2013 2:56 AM
 
Patrick Hellfeuer


Joined: 8/5/2013
Posts: 8

Thank you very much! I think I understand it better now.

I think that a file authentication is sufficient for my uses. I only need the UsedID of the Log_on-Varible for some Database queries.

I checked the permissions and the Folder have read and read/execute permissions for the usergroup "everyone", so anybody should be able to load it (as it is in Intranet everyone is automatically logged on). I for myself have additionally write permission. IIS has also permission to modify. So for that part I should be able to view the pages, right?

The IIS is still configured to only Windows authentication (impersonation enabled, managed pipeline mode: integrated). But I can not view the page (still 404 Error page).

I tried some simple asp and aspx scripts and both worked and showed me the Uservariables i need. ( only the scripts on server, nothing else)

<% @ Page Language="C#" %>
<%
foreach (string var in Request.ServerVariables)
{
  Response.Write(var + " " + Request[var] + "<br>");
}
%>

After that, my Serveradmin turned on the Form Authentication again, so i can log on on dnn afterwards. Also she turned off the impersonation (i guess it was automatically turned off).

Now only the asp script is working and not the aspx scripts.

Now I put the dnn installation back on the server and try to run it, and still get the 404 error and no possibility to login.

Does this mean I can not access the files and something with the IIS is off? Or is it my configuration?
 
New Post
8/15/2013 2:00 AM
 
Patrick Hellfeuer


Joined: 8/5/2013
Posts: 8

I have done some more testing:

I can run normal .asp files in my dnn installation folder and read the servervariables. But when i use aspx-Files i will get an 404 page not found error.  Is this a problem of the serverconfiguration or of my web.config/ dnn installation?

Which are the settings, that windows authentication is working?

I have folder persmission on everyone and but still get this 404 error page.

I'm thankful for any advice!
 
New Post
8/15/2013 8:44 AM
 
Patrick Hellfeuer


Joined: 8/5/2013
Posts: 8

Im sorry, doing the third post in a row, but the whole day testing brought up some new results:

From Serverside I think everything is working fine. (impersonation is disabled by the serveradmin, Anonym, Basic and Windows Authentication enabled)

I wrote two Scripts: one .asp and one .aspx to read the servervariables.

When there is nothing but those scripts on the webspace the variables are empty --> as anonymuous Authentication is enabled

If I add a web.config file which restricts the Anonymous User from accessing then the Windows Authentication works....

        <authentication mode="Windows" />
        <authorization>
             <deny users = "?" /> <!-- This denies access to the Anonymous user -->
        </authorization>

... and the Servervariables will be populated in both scripts.

If I do a fresh install of DNN 7.1,switch Forms for Windows authentication in web.config add the two Scripts an run them, the asp-Script will return the User. The aspx-Script will return the empty String.

 <authentication mode="Windows"/>

If I now add the restriction of the anonymous User as above, the asp-Script still returns the User, but the aspx-Script will prompt me to insert User and Password.

So for me it seems like first the asp-File is not affected by the config-File. And second there is a Problem with the DNN web.config, as it works fine with the very small config file.

1) Do you know a reason why the DNN-web.config could cause such problems?

2) Is it possible to actually call the asp-Script from within a DNN-module to get the variable that way?What I think of is a small script that will read the servervariable and add it ad a response header. In c# i can then read that header.

Thank you for your help!

 
New Post
8/15/2013 9:20 PM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
it sounds like you do not have asp.net working - as that's a prerequisite for DNN I suggest you tackle that problem first-(Im confused as in your first post you mentioned your module so I assumed you had a working IIS with asp.net) - if you're getting a 404, it would often mean that asp.net is not installed or not enabled. Alternatively it can mean that you are using windows authentication but have not enabled windows authentication in IIS (http://technet.microsoft.com/en-us/library/cc754628(v=ws.10).aspx), or that you are using impersonation and that the user you are impersonating does not have writes to execute asp.net files. Regarding your final question, you cannot execute classic asp in an asp.net site (well, not very easily)
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
 Page 2 of 3
Previous123Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN and ServervariablesDNN and Servervariables


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out