J
Joey Lee
Hi,
I have a default.aspx page which has PlaceHolder where it will call
different *.acx file based on the request url.
eg http://localhost/default.aspx?module=home
will put a home.ascx in the place holder
and
eg http://localhost/default.aspx?module=admin
will put a admin.ascx in the place holder
both the home and admin have its own folder respectively, where home.ascx is
in /home folder and admin.ascx is in /admin folder.
So I would like to implement form authentication, that if the user is not
authenticated, when the default page is called with the parameter of
module=admin, the user will be rejected.
As normal i will create another web.config file in the folder and restrict
all user which is not authenticated. However this did not work in my case
where the page which is invoked is the default.aspx page regardless of all
the .ascx files that are called.
From the look of it only if i create an aspx file in the admin folder and
call it like
http://localhost/admin/admin.aspx then the authentication will work where
the user is rejected.
Is there any way to use form authentication for this?, or would I have to do
a different set of coding in the default page which will check if the ascx
page being called is retricted or not?
Or, would it be my design is totally wrong where i shouldn't have only a
single aspx file calling different "module" which are totally coded as ascx
files?
Thanks in advance.
Joey
I have a default.aspx page which has PlaceHolder where it will call
different *.acx file based on the request url.
eg http://localhost/default.aspx?module=home
will put a home.ascx in the place holder
and
eg http://localhost/default.aspx?module=admin
will put a admin.ascx in the place holder
both the home and admin have its own folder respectively, where home.ascx is
in /home folder and admin.ascx is in /admin folder.
So I would like to implement form authentication, that if the user is not
authenticated, when the default page is called with the parameter of
module=admin, the user will be rejected.
As normal i will create another web.config file in the folder and restrict
all user which is not authenticated. However this did not work in my case
where the page which is invoked is the default.aspx page regardless of all
the .ascx files that are called.
From the look of it only if i create an aspx file in the admin folder and
call it like
http://localhost/admin/admin.aspx then the authentication will work where
the user is rejected.
Is there any way to use form authentication for this?, or would I have to do
a different set of coding in the default page which will check if the ascx
page being called is retricted or not?
Or, would it be my design is totally wrong where i shouldn't have only a
single aspx file calling different "module" which are totally coded as ascx
files?
Thanks in advance.
Joey