Forms Auth root "/" not authenticating sub folders and files

From: mark walker (markwalker42@hotmail.com)
Date: 03/28/03 

From: "mark walker" <markwalker42@hotmail.com>
Date: Thu, 27 Mar 2003 16:44:47 -0800

You might want to try setting the access permissions at
the file system level with NTFS. IIS should require the
credentials assigned at the file system level before
allowing access.

mark
>-----Original Message-----
>I have forms auth. setup for a web app with the path set
to "/". Everything
>seemed to be working fine until I tried jumping directly
into a file in a
>sub folder. If you make a request into any file in the
root directory, it's
>fine...if you request anything files outside of that
folder you can go
>directly to them without authenticating.
>
>The app is a review site where work is posted for client
review. All of the
>aspx file are located in the root. The subfolders contain
images or word
>docs, spreadsheets, etc. that are posted through the web
forms. Some of the
>subfolders are actually created when new jobs are created
etc. This would
>make it hard to add a path for each new folder created.
Does this affect the
>security? Isn't the root path "/" supposed to cover all
folders.
>
>Here is my web.config entry..
>
><system.web>
>....
> <authentication mode="Forms">
> <forms path="/" loginUrl="/login.aspx"
timeout="30"></forms>
>
> </authentication>
>
> <authorization>
> <deny users="?" />
> </authorization>
>....
></system.web>
>
>
>Any help is appreciated, thanks,
>
>Cy Huckaba
>T3 - Austin, TX
>www.t-3.com
>
>
>.
>