"Jon Haakon Ariansen" <jona@spama.no> wrote in message
news:Owg3wJFlGHA.1260@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> In short my problem is securing static pages, so that unauthorized
> (anonymous) people doesn't get access to these files. You'll find a
> detailed description below.
>
> I have a websolution that is made in Dotnet 2.0. The solution send the
> user
> to a correct module based on the users credentials. The users credentials
> are compared with username and password in MS SQL database which provide
> the
> right path to where the user is going. Thus the solution uses Form
> authentication to verify the user.
> The desination after login is mostly static pages (htm/html) calling Flash
> modules.
>
> One of my problems (not the biggest) is that the user keeps getting
> throwed
> out and have to log on again - several times. We need to get the
> application
> to be more presistant when the user has logged on. I'm not sure why the
> user
> have to log on all the time, but my guess is that when the user uses the
> flash module, IIS is not aware that the user is still logged on and when
> the
> user finally requests a new page there's been a timeout. In this case I
> have
> to find a solution to make the user beeing loged in. I guess I can use a
> cookie for this, but then I guess the user will always come to the same
> module. The user has to be presented the login page on startup each time,
> because the user might try another module.
>
> My biggest problem is after associating aspnet_isapi.dll with htm/html in
> IIS I'm not able to view
> htm/html at all. I get "Page cannot be displayed", however some modules
> end
> on ".asp" and these files show okey, though ASP is associated as well with
> asp_isapi.dll.
> I've tried to find a solution based on this article:
> http://msdn.microsoft.com/msdnmag/issues/05/11/SecureWebApps/
> but I'm not sure if it's the best for me.
>
> Hope there is some who can help me with this.
>
> Kind regards,
>
> Jon Haakon
>
>
>
>

"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:eJzIcOOlGHA.3740@TK2MSFTNGP02.phx.gbl...
> Hi,
>
> a) Flash files generally run on the client. So even if you associate a
> flash file (or the containing HTML) with ASP.NET, if the client spends 20+
> minutes playing with the flash file on their client browser and don't make
> any requests to the server, the forms authentication ticket will still
> expire
>
> b) The "page can not be displayed" is a generic error. Look further down
> the page to see what the real error message is. Do you see a "500 Internal
> Server Error"? or "404 File Not Found"? or "Can not contact server or DNS
> error"? What do you see?
>
> Cheers
> Ken
>
>
> "Jon Haakon Ariansen" <jona@spama.no> wrote in message
> news:Owg3wJFlGHA.1260@TK2MSFTNGP05.phx.gbl...
>> Hi,
>>
>> In short my problem is securing static pages, so that unauthorized
>> (anonymous) people doesn't get access to these files. You'll find a
>> detailed description below.
>>
>> I have a websolution that is made in Dotnet 2.0. The solution send the
>> user
>> to a correct module based on the users credentials. The users credentials
>> are compared with username and password in MS SQL database which provide
>> the
>> right path to where the user is going. Thus the solution uses Form
>> authentication to verify the user.
>> The desination after login is mostly static pages (htm/html) calling
>> Flash
>> modules.
>>
>> One of my problems (not the biggest) is that the user keeps getting
>> throwed
>> out and have to log on again - several times. We need to get the
>> application
>> to be more presistant when the user has logged on. I'm not sure why the
>> user
>> have to log on all the time, but my guess is that when the user uses the
>> flash module, IIS is not aware that the user is still logged on and when
>> the
>> user finally requests a new page there's been a timeout. In this case I
>> have
>> to find a solution to make the user beeing loged in. I guess I can use a
>> cookie for this, but then I guess the user will always come to the same
>> module. The user has to be presented the login page on startup each time,
>> because the user might try another module.
>>
>> My biggest problem is after associating aspnet_isapi.dll with htm/html in
>> IIS I'm not able to view
>> htm/html at all. I get "Page cannot be displayed", however some modules
>> end
>> on ".asp" and these files show okey, though ASP is associated as well
>> with
>> asp_isapi.dll.
>> I've tried to find a solution based on this article:
>> http://msdn.microsoft.com/msdnmag/issues/05/11/SecureWebApps/
>> but I'm not sure if it's the best for me.
>>
>> Hope there is some who can help me with this.
>>
>> Kind regards,
>>
>> Jon Haakon
>>
>>
>>
>>
>
>