RE: Forms-Based Security below Application Level
From: ranganh (ranganh_at_discussions.microsoft.com)
Date: 02/22/05
- Next message: Anushi: "postback doesn't work with validators.!"
- Previous message: ranganh: "Re: Forms-Based Authentiction and NON ASP.NET Assets"
- In reply to: Alex Maghen: "Forms-Based Security below Application Level"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 22 Feb 2005 02:41:02 -0800
Hi Alex,
You can very well do that.
In your web.config of the root directory, just put the following code:-
<location path="SecureFolder1">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="SecureFolder2">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
The above would deny anonymous access to only those files which are under
the securefolder1 and securefolder2. If you want to deny access to everyone,
make it to deny users=*, and if you want to deny particular user use deny
user="username", for roles, deny roles="rolename", basically you can do all
these settings at the web.config level.
Write back if you have doubts.
"Alex Maghen" wrote:
> If I have a site where I want to use Forms-Based security but only on one or
> two SUB-directories of the Application root, I'm confused about how that
> works.
>
> Let's say I want wide-open annonymous access to the docroot and all of the
> sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
> confused about how I configure web.config to do this.
>
> Alex
- Next message: Anushi: "postback doesn't work with validators.!"
- Previous message: ranganh: "Re: Forms-Based Authentiction and NON ASP.NET Assets"
- In reply to: Alex Maghen: "Forms-Based Security below Application Level"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
