Forms-Based protecting too much
From: iMonkey (iMonkey@clara.net)
Date: 03/29/03
- Next message: Mark Moeykens: "Re: Forms-Based protecting too much"
- Previous message: Paul Hatcher: "Re: Forms Authentication behavior on request denial"
- Next in thread: Mark Moeykens: "Re: Forms-Based protecting too much"
- Reply: Mark Moeykens: "Re: Forms-Based protecting too much"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "iMonkey" <iMonkey@clara.net> Date: Sat, 29 Mar 2003 16:59:19 -0000
Hi,
I have managed to implement forms based security on my application the
current directory structure looks something like this:
<Application Root>
|
|__<Unprotected>
|__blank.aspx
|
|_Default.aspx
|_Login.aspx
Hopefully you can see from the above diagram that there is a subfolder
called 'Unprotected' within the protected application root. I would like the
directory to be publically avaliable so that users that have OR haven't CAN
access the pages in this folder. I thought that by putting in a basic
web.config file with no mention of authorization or deny would make this
happen but it only seems to work some of the time.
Is there a particular command I can enter in the web.config so that that dir
is not protected???
One other point is I have a line FormsAuthentication.SignOut() linked to a
button on my default page, when you click this I assumed it would logout the
user but you can still access protected pages? It is only when you close all
browser windows and then load them up again you are logged out completely,
is there any way of fixing this?
iMonkey,
P.S. Thanks for any help
- Next message: Mark Moeykens: "Re: Forms-Based protecting too much"
- Previous message: Paul Hatcher: "Re: Forms Authentication behavior on request denial"
- Next in thread: Mark Moeykens: "Re: Forms-Based protecting too much"
- Reply: Mark Moeykens: "Re: Forms-Based protecting too much"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
