Rank 2
I have a ASP.NET web application wich is secured with Forms Authentication. When an user is authenticated and authorized he can navigate to a RSS Feed and see the generated xml. No problem.
But now I want to access this same page throug a client like RSS bandit.
I can insert a username and password for a particular feed, but this isn't working because RSS Feed Readers don't support Forms Authentication.
Do you understand my problem? And... do you maybe know a solution?
Thanks anyway...
2 Answers, 1 is accepted
Rank 2
... to add some more information: I added this code in the page Onload from the page. In IIS I have set the security properties for the page on Basic authenctication. But... I still wants me to fill in a username and password for my localhost.
If User.Identity.IsAuthenticated = False Then
Dim authorization As String = Request.Headers("Authorization")
Dim tempConverted As Byte() = Convert.FromBase64String(authorization.Substring(6))
Dim userInfo As String = New ASCIIEncoding().GetString(tempConverted)
Dim usernamePassword As String() = userInfo.Split(New Char() {":"c})
Dim username As String = usernamePassword(0)
Dim password As String = usernamePassword(1)
' Check if user exists
Dim userID As Integer = VPAUsers.Login.CheckUser(username, password)
If userID = 0 Then Exit Sub
End If
Just a few ideas - although we do not believe this topic is related directly to r.a.d.controls. RSS Aggregators fake a GET request to the RSS feed - in a sense, they emulate browser requests. If the RSS feed is protected with some kind of authentication that does not allow browsers to access the feed, we believe this is pretty much the same with aggregators.
In essense, aggregators should not be able to load protected RSS feeds (if they do not support username/password option for example).
All the best,
Elton
the telerik team