Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > How do I use forms authentication on specific directories?

Reply
Thread Tools

How do I use forms authentication on specific directories?

 
 
Darrel
Guest
Posts: n/a
 
      04-22-2006
My app has an 'admin' folder. This is the only directory i need to apply
forms authentication to.

Googling seems to indicate that the solution is to just give the admin
folder it's own config file and set the authentication rules there.

However, when I do that, I get this error:

--------------------------
Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS.
--------------------------------

Which, from what I can tell, is saying I can't do forms authentication in a
directory unless that directory is also an application.

So, is there a way to do what I want to do? I want one subdirectory of my
application (not an application itself) to use forms authentication.

-Darrel


 
Reply With Quote
 
 
 
 
Teemu Keiski
Guest
Posts: n/a
 
      04-22-2006
Hi,

you need to declare the authentication method used on root web.config with
<authenication> element, there's no way around that .

But with <location> tags in root web.config or web.config files in
subdirectories you can provide <authorization> elements to specify if
accessing a folder (or specific aspx page) needs authentication. E.g in root
web.config put
<authorization>
<allow users="*" />
</authorization>

But for specific subfolders you can deny it.

<location path="subfolder">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

(or place this into separate web.config file on subdirectiry when <location>
wouldn't be needed)

--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU
http://blogs.aspadvice.com/joteke


"Darrel" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> My app has an 'admin' folder. This is the only directory i need to apply
> forms authentication to.
>
> Googling seems to indicate that the solution is to just give the admin
> folder it's own config file and set the authentication rules there.
>
> However, when I do that, I get this error:
>
> --------------------------
> Parser Error Message: It is an error to use a section registered as
> allowDefinition='MachineToApplication' beyond application level. This
> error can be caused by a virtual directory not being configured as an
> application in IIS.
> --------------------------------
>
> Which, from what I can tell, is saying I can't do forms authentication in
> a directory unless that directory is also an application.
>
> So, is there a way to do what I want to do? I want one subdirectory of my
> application (not an application itself) to use forms authentication.
>
> -Darrel
>



 
Reply With Quote
 
 
 
 
Darrel
Guest
Posts: n/a
 
      04-22-2006

> <location path="subfolder">
> <system.web>
> <authorization>
> <deny users="?" />
> </authorization>
> </system.web>
> </location>
>
> (or place this into separate web.config file on subdirectiry when
> <location> wouldn't be needed)


Thanks, Teemu. That worked perfectly!

-Darrel


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms authentication - Multiple login forms based on directory acc Keltex ASP .Net Security 1 01-24-2006 03:06 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM
Forms Authentication to specific folders Michael Tissington ASP .Net Security 24 02-03-2004 03:39 PM



Advertisments