
ccnet webdashboard authentication forms mode: how to set it up so it's secure


I am sure I am just doing this wrong, but for the life of me I cannot get things to play nicely. I am just starting to install and configure CruiseControl.net on a WS2008 X64 VM. The install seemed to go a little funny as it didn't create an IIS site for the dashboard; I ended up just doing that myself and pointing it at:

C:\Program Files (x86)\CruiseControl.NET\webdashboard

(had to add permissions for iis_iusrs for it to deal with config files, not sure how good that actually is).

Anyway, so I can view the web dashboard now and get into the admin section etc. Ultimately I want this site to be accessible online for ease of use by the team so it needs to be locked down and secure. So to that end I put the following sections on the web.config:

    <authentication mode="Forms">
        <forms name="appNameAuth" path="/" loginUrl="server/local/SimpleUserLogin.aspx" protection="All" timeout="30">
            <credentials passwordFormat="Clear">
                <user name="jon" password="test" />
                <user name="mike" password="test" />
            </credentials>
        </forms>
    </authentication>

If I put the following section in I can get to the login screen but will always be sent back to it even after I login and can never see any other pages:

    <authorization>         
        <deny users="?" />
    </authorization>

I also have this outside of the system.web section:

<location path="server/local/SimpleUserLogin.aspx">
    <system.web>
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
</location>

My goal is to direct all non-logged-in users to the login page and nowhere else; once logged in they can view any page. Am I being a blonker here?

Thanks


Solution

  • OK, so I found out I was going about this all wrong. As I am using 1.5 there is a new feature for security:

    http://confluence.public.thoughtworks.org/display/CCNET/Configuring+the+Server

    The link above shows all the settings with some example configs. Basically I put the following in the ccnet.config:

    <internalSecurity>
      <users>
        <!-- Authenticated users -->
        <passwordUser name="bob" display="Bob (Team Lead)" password="bob1"/>
        <passwordUser name="jane" display="Jane (BA)" password="jane2"/>
        <passwordUser name="john" display="John (QA)" password="john3"/>
        <passwordUser name="joe" display="Joe (QA)" password="joe4"/>
        <!-- Generic role -->
        <simpleUser name="*"/>
      </users>
      <permissions>
        <!-- Roles -->
        <rolePermission name="Testers" forceBuild="Allow" defaultRight="Deny">
          <users>
            <userName name="john"/>
            <userName name="joe"/>
          </users>
        </rolePermission>
        <rolePermission name="Releasers" forceBuild="Allow" defaultRight="Deny">
          <users>
            <userName name="bob"/>
            <userName name="jane"/>
          </users>
        </rolePermission>
      </permissions>
    </internalSecurity>


    This worked great with a bit of tweaking. Hope it can help someone else.
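
A small audit of an `<internalSecurity>` block like the one in the answer, as an added example (not part of the original post and not CruiseControl.NET code): it flags passwords that are short or contain the user name, wildcard user entries, and role members that have no explicit user entry. The function name, finding labels, `MIN_LENGTH` threshold and sample passwords are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample with the same structure as the answer's block (passwords are made up).
SAMPLE = """<internalSecurity>
  <users>
    <passwordUser name="bob" display="Bob (Team Lead)" password="bob1"/>
    <passwordUser name="jane" display="Jane (BA)" password="S7!rqv-Lm2#xTe9w"/>
    <simpleUser name="*"/>
  </users>
  <permissions>
    <rolePermission name="Testers" forceBuild="Allow" defaultRight="Deny">
      <users><userName name="john"/></users>
    </rolePermission>
    <rolePermission name="Releasers" forceBuild="Allow" defaultRight="Deny">
      <users><userName name="bob"/><userName name="jane"/></users>
    </rolePermission>
  </permissions>
</internalSecurity>"""

MIN_LENGTH = 12  # assumed local password policy, not a CruiseControl.NET setting


def audit_internal_security(xml_text):
    """Return a sorted list of (finding, subject) tuples for one <internalSecurity> block."""
    root = ET.fromstring(xml_text)
    findings, explicit = [], set()
    for user in root.findall("./users/*"):
        name = user.get("name", "")
        if "*" in name:  # entry matches by pattern rather than naming one account
            findings.append(("wildcard-user-entry", name))
            continue
        explicit.add(name)
        if user.tag == "passwordUser":
            password = user.get("password", "")
            if len(password) < MIN_LENGTH:
                findings.append(("short-password", name))
            if name and name.lower() in password.lower():
                findings.append(("password-contains-username", name))
    for role in root.findall("./permissions/rolePermission"):
        if role.get("defaultRight") != "Deny":
            findings.append(("role-default-not-deny", role.get("name", "")))
        for member in role.findall("./users/userName"):
            if member.get("name") not in explicit:
                findings.append(("role-member-without-explicit-user", member.get("name")))
    return sorted(findings)


if __name__ == "__main__":
    for finding, subject in audit_internal_security(SAMPLE):
        print(f"{finding}: {subject}")
```
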