Re: Forms Authentication question: How to have some pages open and some requiring forms authentication

From: Dan (dan_at_dontspam.com)
Date: 02/13/04 

Date: Fri, 13 Feb 2004 09:57:53 -0000

Try this:

In your root web.config

 <authentication mode="Forms">
  <forms name="MyAuth" loginUrl="/public/Login.aspx" protection="All"
timeout="60" />
 </authentication>

Then, in your secure folder, add a web.config which contains just this:

<configuration>
 <system.web>
  <authorization>
   <deny users="?" />
  </authorization>
   </system.web>
</configuration>

Hope this helps, Dan.

"Eric" <glorfindel02@hotmail.com> wrote in message
news:_b_Wb.15845$IF1.8766@fed1read01...
> I am trying to build an app where the stuff in the root directory is open
to
> all, but anything under the Restricted directory requires you to login and
I
> want to use Forms to do it. I'm having trouble getting the web.config to
> work properly.
>
> First I tried to have a second web.config in the sub directory with
> authentication and authorization set to forms, but it blew up.
> Next, I tried to modify the root web.config in the following manner
wanting
> it to only force a login when trying to navigate into the sub directory
but
> it takes me to the login right away:
> I thought setting the path to the sub directory would restrict it to pages
> in the sub directory but it's not working.
> <authentication mode="Forms" >
>
> <forms loginUrl="FormsAuthenticated/login1.aspx" name="AuthCookie"
> timeout="60" path="/FormsAuthenticated"></forms>
>
> </authentication>
>
>
>
> <authorization>
>
> <deny users="?" />
>
> <allow users="*" />
>
> </authorization>
>
>
>
>
>
>

Relevant Pages