Results 1 to 5 of 5

Thread: How do I configure forms authentication? (resolved)

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Sep 2002
    Posts
    66

    How do I configure forms authentication? (resolved)

    Here is my directory structure
    Code:
    [opsreport]
       web.config
       clientside.js
       styles.css
       logon.aspx
       default.aspx
       summary.aspx
       [dataentry]
          event.aspx
          followup.aspx
    [opsreport] is a virtual directory set as an application. [dataentry] is just a sub directory.

    I want anyomous access for all files in the [opsreport] and forms authentication for all the files in [dataentry]. I would also like this all configured from 1 web.config file.
    Last edited by jmeckley; Jun 4th, 2004 at 09:04 AM.
    Jason Meckley
    Database Analyst
    WITF

  2. #2

    Thread Starter
    Lively Member
    Join Date
    Sep 2002
    Posts
    66

    How do I configure forms authentication (resolved)

    I finally found an answer!

    http://www.theserverside.net/article...Authentication
    web.config
    Code:
    <location path="dataentry">
      <system.web>
        <authorization>
          <deny users="?" />
          <allow users="*" />
        </authorization>
      </system.web>
    </location>
    <location>
      <system.web>
        <authentication mode="Forms" >
          <forms
            name=".opsreport" 
            loginUrl="logon.aspx" 
            protection="All"
            slidingExpiration="true" 
            timeout = "10"
          />
        </authentication>
        <authorization>
          <allow users="?" />
        </authorization>
    ...
    Jason Meckley
    Database Analyst
    WITF

  3. #3
    Super Moderator Wokawidget's Avatar
    Join Date
    Nov 2001
    Location
    Headingly Occupation: Classified
    Posts
    9,632
    I can't get it to work
    I have a login aspx page and a main aspx page.
    I have used:
    Code:
        <authentication mode="Forms" >
          <forms
            name=".opsreport" 
            loginUrl="login.aspx" 
            protection="All"
            slidingExpiration="true" 
            timeout = "10"
          />
        </authentication>
        <authorization>
            <allow users="*" /> 
            <deny users="?" />
        </authorization>
    in my config file, but it still allows me to view the main.aspx when I haven't logged in
    What am I doing wrong?

    Woka

  4. #4
    Frenzied Member Fishcake's Avatar
    Join Date
    Feb 2001
    Location
    Derby, UK
    Posts
    1,092
    This line in your web.config
    PHP Code:
    <allow users="*" /> 
    is allowing all(*) users access to your site. Just delete or comment out that line and you should be fine with just <deny users="?" />.

  5. #5

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width