secure folder with 100's of html pages

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
9/29/2009 10:54:19 AM
Rick Hubka
Gravatar
Total Posts 245
View Posts
mojoPortal Community Expert

secure folder with 100's of html pages

Hi

Is there a way of having a folder with 100's of html pages forced to be under mojoPortal security.

We have an Oracle database and our Toad Tool generates pages for each database objects (hundreds).  We would like developers to have access to this but once they access the first page, they have left the mojoPortal security umbrella.  We have this folder inside the data directory.

It's easy enough to have the first page secure but once they begin further navigation... gone.  I could write a C# app or have CodeSmith mod the pages???

My gut feel is that this can not be done.

9/29/2009 11:02:20 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: secure folder with 100's of html pages

I think maybe it can be done in IIS 7 if you make .NET the handler for all files like in the article for using extensionless urls. That setting <modules runAllManagedModulesForAllRequests="true"> invokes .NET for all requests including requests for images and html files etc.

However then to enforce role permission you would need to implement a custom HttpModule and plug it in using Web.config modules section.

Inside the module you would check if the request was for an html file in the particular folder, if not then do nothing, if so then check the WebUser.IsInRoles() for your allowed roles and if not in the role redirect to access denied page.

Hope it helps,

Joe

You must sign in to post in the forums. This thread is closed to new posts.