G
Guest
Hi, I've configured a web app to use windows authentication and also set up two separate subdirectories to use forms authentication. It appears to work fine but I have never seen a sample that demonstrates both in the same web.config and I don't like assuming i've done this correctly and securely.
Please take a look at the following from my web.config and let me know what you think(its not the full config-- just stripped down to its essentials w/ no attributes) Its pretty basic, i just use a location element for each sub-dir and then set the auth mode inside of it. Thanks!
<?xml version="1.0" encoding="UTF-8" ?><configuration><system.web><authentication mode="Windows" /><authorization><allow users="*" /></authorization></system.web><location path="SecureArea1"><system.web><authentication mode="Forms"><forms loginUrl="login.aspx" /></authentication><authorization><deny users="?" /></authorization></system.web></location><location path="SecureArea2"><system.web><authentication mode="Forms"><forms loginUrl="login.aspx" / ></authentication><authorization><deny users="?" /></authorization></system.web></location></configuration>
Please take a look at the following from my web.config and let me know what you think(its not the full config-- just stripped down to its essentials w/ no attributes) Its pretty basic, i just use a location element for each sub-dir and then set the auth mode inside of it. Thanks!
<?xml version="1.0" encoding="UTF-8" ?><configuration><system.web><authentication mode="Windows" /><authorization><allow users="*" /></authorization></system.web><location path="SecureArea1"><system.web><authentication mode="Forms"><forms loginUrl="login.aspx" /></authentication><authorization><deny users="?" /></authorization></system.web></location><location path="SecureArea2"><system.web><authentication mode="Forms"><forms loginUrl="login.aspx" / ></authentication><authorization><deny users="?" /></authorization></system.web></location></configuration>