March 24th, 2006, 12:43 AM
Password protected web pages- IIS 6.0
My friend is hosting a web site with IIS 6.0, and right now when you go to the site it gives you a login popup because he has anonymous access disabled. But what he wants to do is have some way in IIS to allow any user to go to the index page without authorization and when the user clicks on any other pages from the index, then it would pop up the login screen. This would allow users to be able to request a username and password from the index page. I know it can be done through web programming and databases and complicated procedures, such as when you login to AO for example, but he was wanting maybe a solution purely from an IIS standpoint. So when you click on a link, it pops up a login screen and allows you to login through IIS.
Or if someone could direct me in the right direction of having a feature like that through coding, such as logging into a website actually on the page, then that would be helpful to.
March 24th, 2006, 04:39 AM
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
March 24th, 2006, 12:08 PM
1. configure iis to allow anonymous access.
2. on unprotected files add the iis account has read access in the windows security policy.
3. on protected files remove the iis account access completely in the windows security policy.
4. create the new accounts you want to grant access to.
5. establish the correct rights for these accounts on the protected files AND unprotected files.
6. select the type of authentication you wish iis to support.
the downside of this approach is that it scales badly and you will need to configure the new accounts to be secure.
the upside of this approach is the speed of implementation and the lack of new code to introduce.