Re: Forms Authentication for only selected webforms? How to do thi

From: Rich (Rich_at_discussions.microsoft.com)
Date: 03/16/05 

Date: Wed, 16 Mar 2005 06:51:04 -0800

Thanks! This is great help. I'm going to try that out, and am sure it will
solve my little problem.

Cheers!
Richard

"Brock Allen" wrote:

> If you want to selectively configure authorization use the <location> element
> in web.config. It allows you to change settings for a specific path:
>
> <configuration>
> <system.web>.....</system.web>
>
> <location path="default.aspx">
> <system.web>
> <authorization>
> <allow users="*" />
> </authorization>
> </system.web>
> </location>
>
> <location path="admin.aspx">
> <system.web>
> <authorization>
> <allow roles="Admin" />
> <deny users="*" />
> </authorization>
> </system.web>
> </location>
>
> </configuration>
>
> -Brock
> DevelopMentor
> http://staff.develop.com/ballen
>
>
>
> > Hi,
> >
> > I might have missed this perhaps, but here's my query:
> >
> > I am presently designing a site that is for public use in general.
> > However, several forms (pages) I need authentication from members.
> >
> > For example: default.aspx is allowed for everyone, but members.aspx
> > isn't (and so are various pages)
> >
> > So when public users try to access the members.aspx site, they will
> > need to log in. (typically on login.aspx)
> >
> > If I use Forms-authentication, normally ALL requested pages will be
> > re-directed to the generic login.aspx page, on which the user
> > credentials are checked. This scenario will not work for me.
> >
> > My main question is therefore, while using forms-authentication, can I
> > setup my default.aspx in such a way that it will NOT redirect to
> > login.aspx when a public user requests it? Would there be a property
> > or such that I can set, for example, so that requests to default.aspx
> > will sort of bypass the form-authentication mechanism.
> >
> > Alternatively, I could check user credentials in every page.load-event
> > in a some kind of custom-security way, and deal with redirection to
> > login.aspx from there, but i guess I need to be sure whether nothing
> > already exists that deals with this while using forms-authentication.
> >
> > Appreciate any feedback, tips, and comments etc...
> >
>
>
>
>

Relevant Pages

  • Re: Trouble Accessing secure page
    ... > If the ASPX is the default, I am prompted with a login screen. ... > I want public users to go to the HTM. ... > (No error message appears) ... > Why am I not prompted for a userid/password when I redirect? ...
    (microsoft.public.inetserver.iis.security)
  • Re: Forms Authentication for only selected webforms? How to do this
    ... > So when public users try to access the members.aspx site, ... > My main question is therefore, while using forms-authentication, can I ... > setup my default.aspx in such a way that it will NOT redirect to ... > or such that I can set, for example, so that requests to default.aspx ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Forms Authentication for only selected webforms? How to do this
    ... So when public users try to access the members.aspx site, ... My main question is therefore, while using forms-authentication, can I setup ... my default.aspx in such a way that it will NOT redirect to login.aspx when a ... so that requests to default.aspx will sort of bypass the ...
    (microsoft.public.dotnet.framework.aspnet.security)