Forms Authentication: <location> authorization not bypasssing login page.

Discussion in 'ASP .Net Security' started by M Gallagher, Jul 24, 2005.

  1. M Gallagher

    M Gallagher Guest

    I am trying to configure my forms authentication so a certain page is not
    subject to a redirect to the login page. This seems like it should be a
    simple thing to do with a <location> tag, but its just not working. Requets
    to the page (public.aspx) specified in the <location> tag are still being
    redirected to the login page. The login page is in a subdirectory of the
    application root where web.config resides. Here is the code from the
    web.config file. Anyone know what Im doing wrong and why I cant grant
    access to that one page without hitting the login page?

    <configuration>

    <system.web>

    <authentication mode="Forms">

    <forms loginUrl="logon/logon.aspx" timeout="120"/>

    </authentication>

    <authorization>

    <allow roles="MyUsers"/>

    <deny users="*"/>

    </authorization>

    </system.web>

    <location path="logon">

    <system.web>

    <authorization>

    <allow users="*"/>

    </authorization>

    </system.web>

    </location>

    <location path="public.aspx">

    <system.web>

    <authorization>

    <allow users="*"/>

    </authorization>

    </system.web>

    </location>
    M Gallagher, Jul 24, 2005
    #1
    1. Advertising

  2. M Gallagher

    Joe Guest

    Here's a location tag the way I have it setup to avoid the authentication:

    <location path="quickpage.aspx">
    <system.web>
    <compilation defaultLanguage="c#" debug="true" />
    <customErrors mode="Off" />
    <authorization>
    <allow users ="*"/>
    </authorization>
    </system.web>
    </location>

    "M Gallagher" <> wrote in message
    news:G4AEe.15971$...
    >I am trying to configure my forms authentication so a certain page is not
    >subject to a redirect to the login page. This seems like it should be a
    >simple thing to do with a <location> tag, but its just not working.
    >Requets to the page (public.aspx) specified in the <location> tag are still
    >being redirected to the login page. The login page is in a subdirectory of
    >the application root where web.config resides. Here is the code from the
    >web.config file. Anyone know what Im doing wrong and why I cant grant
    >access to that one page without hitting the login page?
    >
    > <configuration>
    >
    > <system.web>
    >
    > <authentication mode="Forms">
    >
    > <forms loginUrl="logon/logon.aspx" timeout="120"/>
    >
    > </authentication>
    >
    > <authorization>
    >
    > <allow roles="MyUsers"/>
    >
    > <deny users="*"/>
    >
    > </authorization>
    >
    > </system.web>
    >
    > <location path="logon">
    >
    > <system.web>
    >
    > <authorization>
    >
    > <allow users="*"/>
    >
    > </authorization>
    >
    > </system.web>
    >
    > </location>
    >
    > <location path="public.aspx">
    >
    > <system.web>
    >
    > <authorization>
    >
    > <allow users="*"/>
    >
    > </authorization>
    >
    > </system.web>
    >
    > </location>
    >
    Joe, Jul 29, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Hermit Dave

    Forms Login Page Not Login Out

    Hermit Dave, Jan 12, 2004, in forum: ASP .Net
    Replies:
    5
    Views:
    458
    Hermit Dave
    Jan 13, 2004
  2. Pascal Blanchard
    Replies:
    0
    Views:
    240
    Pascal Blanchard
    Aug 17, 2004
  3. Pascal Blanchard
    Replies:
    1
    Views:
    273
    Pascal Blanchard
    Aug 18, 2004
  4. Eric
    Replies:
    2
    Views:
    467
  5. SeanRW
    Replies:
    1
    Views:
    353
    Dominick Baier [DevelopMentor]
    May 25, 2006
Loading...

Share This Page