Forms-Based Security below Application Level

A

Alex Maghen

If I have a site where I want to use Forms-Based security but only on one or
two SUB-directories of the Application root, I'm confused about how that
works.

Let's say I want wide-open annonymous access to the docroot and all of the
sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
confused about how I configure web.config to do this.

Alex
 
R

ranganh

Hi Alex,

You can very well do that.

In your web.config of the root directory, just put the following code:-


<location path="SecureFolder1">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

<location path="SecureFolder2">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>


The above would deny anonymous access to only those files which are under
the securefolder1 and securefolder2. If you want to deny access to everyone,
make it to deny users=*, and if you want to deny particular user use deny
user="username", for roles, deny roles="rolename", basically you can do all
these settings at the web.config level.

Write back if you have doubts.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to allow a specific domain to bypass my forms-based security 7
Role based security across sub directories 1
Forms Based Authentication and AD and Roles and Security Trimming! 0
Sharing ASPNET security 3
Forms Authentication / Role based security 1
Role based security question 4
Nested ASP.NET "Applications" 2
Forms based security 4

Members online

No members online now.
Total: 25 (members: 0, guests: 25)
Robots: 191

Forum statistics

Threads
473,766
Messages
2,569,569
Members
45,043
Latest member
CannalabsCBDReview

Latest Threads

Top