Captcha with asp.net membership and security

2 posts, 0 answers
  1. Sameh Awad
    Sameh Awad avatar
    2 posts
    Member since:
    Sep 2012

    Posted 07 Dec 2009 Link to this post

    Hi,

    I have added a captcha to a login control and then tried to apply the security in the web.config.
    <authorization > 
                <deny users="?" /> 
                <allow users="?" /> 
            </authorization> 
        </system.web> 
        <location path="Bin"
            <system.web> 
                <authorization> 
                    <allow users ="*" /> 
                </authorization> 
            </system.web> 
        </location> 
        <location path="login.aspx"
            <system.web> 
                <authorization> 
                    <allow users ="*" /> 
                </authorization> 
            </system.web> 
        </location> 
        <location path="CSS"
            <system.web> 
                <authorization> 
                    <allow users ="*" /> 
                </authorization> 
            </system.web> 
        </location> 
        <location path="Images"
            <system.web> 
                <authorization> 
                    <allow users ="*" /> 
                </authorization> 
            </system.web> 
        </location> 
     and also added the form in the authentication tag. What happens is when loading the login page is that the captcha image isnot shown, when i remove the first authorization tag, and reload the login page the image appear. It seems that applying the security this way has denied access to the image.

    So what should I change to enable the images to be shown again?

    Best regards,
    Sameh Awad
  2. Pero
    Admin
    Pero avatar
    1156 posts

    Posted 09 Dec 2009 Link to this post

    Hello Sameh,

    You also need to allow access to the RadCaptcha httpHandler that serves the CaptchaImage. The following code allows access to all the files in the specified folder and the RadCaptcha httpHandler:

    <location path="Users_Management/Pages/CreateUser">
        <system.web>
          <authorization>
              <allow users="*"/>
          </authorization>
        </system.web>
    </location>
     
    <location path="Telerik.Web.UI.WebResource.axd">
       <system.web>
         <authorization>
           <allow users="*"/>
         </authorization>
       </system.web>
    </location>

    In case you still have problems, please send us a running project and we will set the access permissions for you.

    Greetings,
    Pero
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
  3. UI for ASP.NET Ajax is Ready for VS 2017
Back to Top