Allow anonymous access to subdirectory
- From: furiousmojo@xxxxxxxxx
- Date: 20 Jun 2006 06:27:25 -0700
Okay, so I thought this would be easy, but it's not turning out that
way. Let's see how good you guys are! :-)
I have a windows authentication-based Intranet application. An excerpt
from the web.config in the root of the application is as follows:
<authentication mode="Windows" />
<authorization>
<allow roles="mydomain\Domain Users" />
<deny users="*" />
</authorization>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider" description="Default SiteMap provider."
type="System.Web.XmlSiteMapProvider" siteMapFile="Web.sitemap"
securityTrimmingEnabled="true"/>
</providers>
</siteMap>
</system.web>
-----------------------------
Then in the /admin subdirectory, I have this:
<authorization>
<allow roles="mydomain\Admins,mydomain\Developers,mydomain\Budget
Admins" />
<deny users="*" />
</authorization>
Then in the a subdirectory inside /admin I have /property which has no
web.config and then inside property I have a folder called /external.
I want to grant anonymous users access to this /external directory...
so I added the following web.config to the /external directory:
<authorization>
<allow users="?" />
</authorization>
As for IIS, the root application authentication is integrated windows
authentication. Then for the external directory, I checked only
anonymous. This used to work in asp.net 1.x but now I'm using these
web.configs for security and it now prompts the user to log in.
However, if the user hits cancel, it shows the page. I just want to
prevent the login prompt from showing up.
Thanks in advance!
.
- Prev by Date: Re: any good ASP.NET Wiki Software?
- Next by Date: Global.asax not firing
- Previous by thread: Won't read my web.config file!!
- Next by thread: Global.asax not firing
- Index(es):
Relevant Pages
|
