Let's assume the following:

  • I have an IIS web site set up
  • IIS is configured to use Digest authentication
  • I'm running an ASP.NET page
  • The page has a code-behind assembly that overrides Page_Load

When a user navigates to that page, I get a security prompt for the username and password. If the username and password are invalid (i.e. incorrect password), is there a way for the called page, in Page_Load, to know, or does IIS handle this and return the 401 before the ASP.NET engine ever gets around to resolving the actual Page class that will get executed?

+1  A: 

If you are using IIS authentication the webpage won't be compiled whatsoever if authentication fails.

If you can bypass this behavior I do not know, but it's the default behavior. But since IIS uses NTFS security, I find it hard for the webserver to even be allowed to read the page in any case.

Jonas B
The code-behind is precompiled, but I don't think that matters. I kind of suspected your answer, but am wondering if there's a way to subvert the behavior.
ctacke
Ah yeah well.. as I don't really know and it's likely hard considering it's security on NTFS level. But I think it should be possible to have a custom 401 page if that is any help.
Jonas B
A custom 401 might be a reasonable workaround for me if there's no way to get at it from the page (likely the case).
ctacke