Restricting access to a file using web.config in FlexWiki

Posted By: OrangeJam | Feb 15th, 2006 @ 12:18 AM
page 1 of 1
Comments: 10 | Views: 1773
#Feb 15th, 2006 @ 12:18 AM
OrangeJam
OrangeJam

I tried adding this to the web.config file in FlexWiki

<location path="WikiBases/MyWiki/WikiPage.wiki">
<system.web>
   <authorization>
      <deny roles="AGroup" />
   </authorization>
</system.web>
</location>

I want to restrict AGroup from viewing the page with WikiPage as title but failed.

Anyone has any idea on how to restrict specific FlexWiki pages to any user or groups?

Thanks!!

#Feb 15th, 2006 @ 12:29 AM
Cybermagellan
Cybermagellan
Live for nothing, or die for everything
Question, where is FlexWiki from? I know you have a ton of questions about it...is there a reason you keep posting them here?
#Feb 15th, 2006 @ 12:33 AM
OrangeJam
OrangeJam
Because I saw some old threads discussing about FlexWiki here therefore I think I can get some answers here.

FlexWiki is an open source wiki, it's something like wikipedia..

Can go here to check it out www.flexwiki.com
#Feb 15th, 2006 @ 1:53 AM
Manip
Manip

I don't use IIS, I've never written a web.config file in my life and I haven't tested the following, but here is my guess. 

<configuration><BR>   <location path="WikiBases/MyWiki/WikiPage.wiki"><BR>      <system.web><BR>        <authorization><BR>          <allow users="*" /><BR>          <deny users="AGroup" /><BR>        </authorization><BR>      </system.web><BR>   </location><BR></configuration>


#Feb 15th, 2006 @ 3:59 AM
OrangeJam
OrangeJam
Nope doesn't work but thanks anyway!!! Smiley
#Feb 15th, 2006 @ 7:39 AM
Manip
Manip
OrangeJam wrote:
Nope doesn't work but thanks anyway!!!


You are putting it in the root of the server, correct? Not in some sub-directory?
#Feb 15th, 2006 @ 5:46 PM
OrangeJam
OrangeJam
Yep I put it in the root directory..!! I think the location tag doesn't support non aspx files
#Feb 16th, 2006 @ 5:04 AM
Mike Dimmick
Mike Dimmick

I don't think the ASP.NET authorization system ever sees the .wiki part.

A typical FlexWiki URL would be, for example, http://channel9.msdn.com/wiki/default.aspx/Channel9.ProductFeedback

The way I think it works is that IIS's URL parser follows the whole path until it reaches the 'default.aspx' in the middle. It sees that default.aspx is a file, not a directory, so it looks up the aspx extension in the metabase and sees that it's associated with ASP.NET. ASP.NET then determines if the user has access to default.aspx. If so, it runs the page.

The remainder of the path, in this case /Channel9.ProductFeedback, is available to FlexWiki's default.aspx in the HttpRequest object's PathInfo property. FlexWiki uses that, and the NamespaceMap.xml file, to determine which file contains the raw wiki data. Here it would be ProductFeedback.wiki in the WikiBase folder for the Channel9 namespace; archives are in ProductFeedback(timestamp-user).awiki files.

Basically, you need some form of authorization mechanism within FlexWiki itself, and at the moment, I don't think there is one. Feel free to suggest it on the SourceForge tracker.

#Feb 16th, 2006 @ 6:16 AM
OrangeJam
OrangeJam
Hey thank, actually I tried to map non-asp.net files through the aspnet_isapi process so that it can be authenticated..this is done using IIS...see the link below for more info

http://www.dotnetcoders.com/web/Articles/ShowArticle.aspx?article=43

I tried it on many files like.jpg, .html but this doesn't seem to work on .wiki files...

sigh...There's no authenticating mechanism for FlexWiki? This is going to be tough...heh
#Feb 16th, 2006 @ 10:53 AM
Red5
Red5
Systems Manager Curmudgen
This Article may provide some help/insight.
#Feb 16th, 2006 @ 6:44 PM
OrangeJam
OrangeJam
Hey thanks...I think this will help a lot. Trying to read it now.Smiley
page 1 of 1
Comments: 10 | Views: 1773
Microsoft Communities