Re: Forms Authentication: <location> authorization not bypasssing login page.

From: Joe (J_no_spam_at__no_spam_Fishinbrain.com)
Date: 07/29/05 

Date: Fri, 29 Jul 2005 15:37:35 -0400

Here's a location tag the way I have it setup to avoid the authentication:

<location path="quickpage.aspx">
 <system.web>
   <compilation defaultLanguage="c#" debug="true" />
   <customErrors mode="Off" />
   <authorization>
    <allow users ="*"/>
   </authorization>
  </system.web>
 </location>

"M Gallagher" <mgallagher@arraysystems.com> wrote in message
news:G4AEe.15971$bG4.15252@fe06.lga...
>I am trying to configure my forms authentication so a certain page is not
>subject to a redirect to the login page. This seems like it should be a
>simple thing to do with a <location> tag, but its just not working.
>Requets to the page (public.aspx) specified in the <location> tag are still
>being redirected to the login page. The login page is in a subdirectory of
>the application root where web.config resides. Here is the code from the
>web.config file. Anyone know what Im doing wrong and why I cant grant
>access to that one page without hitting the login page?
>
> <configuration>
>
> <system.web>
>
> <authentication mode="Forms">
>
> <forms loginUrl="logon/logon.aspx" timeout="120"/>
>
> </authentication>
>
> <authorization>
>
> <allow roles="MyUsers"/>
>
> <deny users="*"/>
>
> </authorization>
>
> </system.web>
>
> <location path="logon">
>
> <system.web>
>
> <authorization>
>
> <allow users="*"/>
>
> </authorization>
>
> </system.web>
>
> </location>
>
> <location path="public.aspx">
>
> <system.web>
>
> <authorization>
>
> <allow users="*"/>
>
> </authorization>
>
> </system.web>
>
> </location>
>

Relevant Pages

  • Re: Default.aspx - newbie Q`
    ... check and redirect to the ReturnURL or Selected.aspx depending on the case. ... > and replace it with something that takes then straight to the login page. ... >> Curt Christianson ... >>> authentication ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Default.aspx - newbie Q`
    ... check and redirect to the ReturnURL or Selected.aspx depending on the case. ... > and replace it with something that takes then straight to the login page. ... >> Curt Christianson ... >>> authentication ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: ASP 2.0 Membership API
    ... After successful authentication, you want to redirect back to the original application, but the returnURL parameter contains only /App1 as the URL. ... The solution to that problem is adding a local login page to the application that does a manual redirect to the central authentication application. ... if not you have to use cookieless auth ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Detecting Failed Authorization
    ... after every authentication request and before the user ... is redirected to any login page. ... > "Ken Dopierala Jr." ... >> 'Redirect where you want the user to go. ...
    (microsoft.public.dotnet.framework.aspnet)
  • [Full-Disclosure] Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed persona
    ... Weak encryption in game client exposed customer billing and authentication ... encryption for billing information. ... The login binary has undergone several updates since then. ...
    (Full-Disclosure)
Quantcast