We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

Form based auhentication using ISAPI filter [Answered]RSS

8 replies

Last post Jan 08, 2008 01:15 PM by anilr

  • Form based auhentication using ISAPI filter

    Dec 27, 2007 06:17 AM|imd|LINK

    Hi,

    I have to perform form based auhentication using ISAPI filter. When the user enters the username and password in a form and posts it, how do i get the data entered by the user ?

    I cannot use ASP or anything like that. Have to create a custom ISAPI authentication filter for the purpose ?
     

  • Re: Form based auhentication using ISAPI filter

    Dec 27, 2007 08:52 AM|jeff@zina.com|LINK

    Forms authentication is a function of ASP.NET, not an ISAPI filter.  You could always write an ISAPI filter that sets a cookie or other login token based on login credentials, or you could use Windows authentication, or stuck with ASP.NET forms authentication.  It all depends on what you're trying to accomplish.

    Jeff

    Have you Binged a solution before posting?
  • Re: Form based auhentication using ISAPI filter

    Dec 27, 2007 09:35 AM|imd|LINK

    All i would need is to get the data that has been entered in the form ie. the values entered in the username and password fields.

     

  • Re: Form based auhentication using ISAPI filter

    Dec 28, 2007 12:14 AM|steve schofield|LINK

    I suggest try not to reinvent the wheel when the .NET framework provides this functionality by default.

    http://samples.gotdotnet.com/quickstart/aspplus/doc/formsauth.aspx

    Steve Schofield
    Windows Server MVP - IIS
    http://iislogs.com/steveschofield
    http://www.IISLogs.com
    Log archival solution
    Install, Configure, Forget

  • Re: Form based auhentication using ISAPI filter

    Dec 31, 2007 02:26 AM|imd|LINK

     is there a way in which i can get the data that has been sent as a http post request ?

    POST /index.htm HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
    Referer: http://test.com/signin.htm
    Accept-Language: en-us
    Content-Type: application/x-www-form-urlencoded
    UA-CPU: x86
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)
    Host: rsactp112.test.com
    Content-Length: 31
    Connection: Keep-Alive
    Cache-Control: no-cache

    userName=user&userPassword=pass
     

    All i need is to get this string  "userName=user&userPassword=pass"

     

  • Re: Form based auhentication using ISAPI filter

    Dec 31, 2007 03:44 AM|anilr|LINK

    Only way to get it from an ISAPI filter is using SF_NOTIFY_READ_RAW notification which is not supported in worker process isolation mode in IIS6 - also there is no way to set non-windows based authenticated user with an ISAPI filter - you would be much better writing an ISAPI extension and using HSE_REQ_EXEC_URL to set the authenticated user (only available on IIS6 and later) - of couse, using the already available forms auth in asp.net is probably the best/easiest way.

    Anil Ruia
    Software Design Engineer
    IIS Core Server
  • Re: Form based auhentication using ISAPI filter

    Dec 31, 2007 03:58 AM|imd|LINK

     @anilr

    Thank you. Thats what i was looking for 

  • Re: Form based auhentication using ISAPI filter

    Jan 08, 2008 10:31 AM|imd|LINK

    Hi,

    IIS by default does not accept POSTing data to a HTML page. and if any such request comes it gives a 405 error.

    What should i do to make IIS allow POSTing data to a HTML page ?

     

    Thanks & Regards

    Asif 

  • Re: Form based auhentication using ISAPI filter

    Jan 08, 2008 01:15 PM|anilr|LINK

    html files are just static files which are just served as-is, so POSTing to them makes no sense - if your html files actually contains dynamic content, map them to a dynamic script processor and you will be able to configure what verbs you want to support.

    Anil Ruia
    Software Design Engineer
    IIS Core Server