Re: ASP.NET login authentication
From: Ken Dopierala Jr. (kdopierala2_at_wi.rr.com)
Date: 09/24/04
- Next message: JeTmAn: "How do I associate one control with others>"
- Previous message: Joerg Jooss: "Re: In Esposito's book, what's the purpose of going to session_expired.aspx?"
- In reply to: nicholas: "ASP.NET login authentication"
- Next in thread: nicholas: "Re: ASP.NET login authentication"
- Reply: nicholas: "Re: ASP.NET login authentication"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 24 Sep 2004 10:27:21 -0500
Hi,
What I do is I use one login page but then I create <location> tags. These
tags specify which users in which roles get to access pages in specific
folders. Be sure to assign roles to your users when they login. For
example:
<location path="Members/Administrator">
<system.web>
<authorization>
<allow roles="Administrator"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="Members/Registered">
<system.web>
<authorization>
<allow roles="Registered"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="Members/Shared">
<system.web>
<authorization>
<allow roles="Administrator, Registered"></allow>
<deny users="*"/>
</authorization>
</system.web>
</location>
The top location tag allows only people in the Administrator role to access
pages in the /Members/Administrator folder. The second tag allows
Registered users to view their pages. The third allows both Administrators
and Registered users to view the Shared folder. I put my <location> tags
directly above my <system.web> tag and directly below my <configuration> tag
in the Web.config file. Doing it this way you only need to have 1 login per
user and then they can go wherever they are allowed to. Good luck! Ken.
-- Ken Dopierala Jr. For great ASP.Net web hosting try: http://www.webhost4life.com/default.asp?refid=Spinlight "nicholas" <murmurait1@hotmail.com> wrote in message news:%23859cjkoEHA.3988@tk2msftngp13.phx.gbl... > Hi, > > Got an asp.net application and I use the "forms" authentication mode defined > in the web.config file. > > Everything works fine. > But now I would like to add a second, different login page for the users > that go in a specific folder. > How can I do this? > > I tried this: > > my root web.config contains: > ----------------------------- > <authentication mode="Forms"> > <forms name="GLWEB.ASPXAUTH" > loginUrl="login.aspx" > protection="All" > timeout="500" > path="/" > /> > </authentication> > > <authorization> > <allow users="*" /> > <deny users="?" /> > </authorization> > ----------------------------- > > But for the folder /members I want another login page, so I inserted this in > the web.config in the folder /members: > ----------------------------- > <authentication mode="Forms"> > <forms name="GLWEB.ASPXAUTH" > loginUrl="/members/login.aspx" > protection="All" > timeout="500" > path="/" > /> > </authentication> > > <authorization> > <allow roles="member" /> > <deny users="*" /> > </authorization> > ------------------------------- > > Hope someone can help me. > THX ! > >
- Next message: JeTmAn: "How do I associate one control with others>"
- Previous message: Joerg Jooss: "Re: In Esposito's book, what's the purpose of going to session_expired.aspx?"
- In reply to: nicholas: "ASP.NET login authentication"
- Next in thread: nicholas: "Re: ASP.NET login authentication"
- Reply: nicholas: "Re: ASP.NET login authentication"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
