Forms-Based Security below Application Level

Discussion in 'ASP .Net Security' started by Alex Maghen, Feb 17, 2005.

  1. Alex Maghen

    Alex Maghen Guest

    If I have a site where I want to use Forms-Based security but only on one or
    two SUB-directories of the Application root, I'm confused about how that
    works.

    Let's say I want wide-open annonymous access to the docroot and all of the
    sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
    confused about how I configure web.config to do this.

    Alex
    Alex Maghen, Feb 17, 2005
    #1
    1. Advertising

  2. Alex Maghen

    ranganh Guest

    Hi Alex,

    You can very well do that.

    In your web.config of the root directory, just put the following code:-


    <location path="SecureFolder1">
    <system.web>
    <authorization>
    <deny users="?" />
    </authorization>
    </system.web>
    </location>

    <location path="SecureFolder2">
    <system.web>
    <authorization>
    <deny users="?" />
    </authorization>
    </system.web>
    </location>


    The above would deny anonymous access to only those files which are under
    the securefolder1 and securefolder2. If you want to deny access to everyone,
    make it to deny users=*, and if you want to deny particular user use deny
    user="username", for roles, deny roles="rolename", basically you can do all
    these settings at the web.config level.

    Write back if you have doubts.




    "Alex Maghen" wrote:

    > If I have a site where I want to use Forms-Based security but only on one or
    > two SUB-directories of the Application root, I'm confused about how that
    > works.
    >
    > Let's say I want wide-open annonymous access to the docroot and all of the
    > sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
    > confused about how I configure web.config to do this.
    >
    > Alex
    ranganh, Feb 22, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nathan Baulch

    Page level, IP based security...

    Nathan Baulch, Jul 21, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    361
    Nathan Baulch
    Jul 21, 2003
  2. pabbu
    Replies:
    8
    Views:
    719
    Marc Boyer
    Nov 7, 2005
  3. Kursat
    Replies:
    1
    Views:
    311
    Dominick Baier
    May 7, 2007
  4. Anthony
    Replies:
    0
    Views:
    148
    Anthony
    Aug 6, 2004
  5. kiran
    Replies:
    12
    Views:
    1,113
    Scott Sauyet
    Dec 7, 2011
Loading...

Share This Page