Troubled authentication in subdirectories

Discussion in 'ASP .Net' started by Benton, Mar 24, 2007.

  1. Benton

    Benton Guest

    Hi there,

    I want to have an unrestricted root directory and some protected
    subdirectories on my ASP.NET 2.0 application. I want each subdirectory to
    have its own Login.aspx page.

    The following article is a good start, but it uses a single Login.aspx
    located in the root directory to protect a subdirectory:

    http://www.theserverside.net/tt/articles/showarticle.tss?id=FormAuthentication

    The technique described in the article uses a "location" section in
    web.config, where a custom "system.web" section is defined for the protected
    subdirectory.

    Now if I put the "authentication mode" section inside this custom
    "system.web" for the subdirectory (so I can define the subdirectory Login
    page), I get a compiler error on the "authentication" section:

    Error 1 It is an error to use a section registered as
    allowDefinition='MachineToApplication' beyond application level. This error
    can be caused by a virtual directory not being configured as an application
    in IIS. D:\WebSites\RegencyWeb\web.config 42

    If I put the "authentication" section in the root "system.web" (outside of
    the location's "system.web") then the application compiles fine, but I'm
    limited to a single Login.aspx for the application.

    So how can I solve this?

    Thanks for any insight,

    -Benton
    Benton, Mar 24, 2007
    #1
    1. Advertising

  2. You can only have one authentication section in a web application. You don't
    solve this, it's by design. The only thing you can do is alter the login
    page based upon where the user is coming from, ie: which subdirectory. The
    only other way is to make the subdirectories their own independent
    application spaces. Of course, you can specify whatever authorization
    limitations you want in the specific subdirectories, that doesn't matter,
    just keeping in mind there can only be one authentication section and one
    logon page.


    --
    Hope this helps,
    Mark Fitzpatrick
    Former Microsoft FrontPage MVP 199?-2006

    "Benton" <> wrote in message
    news:...
    > Hi there,
    >
    > I want to have an unrestricted root directory and some protected
    > subdirectories on my ASP.NET 2.0 application. I want each subdirectory to
    > have its own Login.aspx page.
    >
    > The following article is a good start, but it uses a single Login.aspx
    > located in the root directory to protect a subdirectory:
    >
    > http://www.theserverside.net/tt/articles/showarticle.tss?id=FormAuthentication
    >
    > The technique described in the article uses a "location" section in
    > web.config, where a custom "system.web" section is defined for the
    > protected subdirectory.
    >
    > Now if I put the "authentication mode" section inside this custom
    > "system.web" for the subdirectory (so I can define the subdirectory Login
    > page), I get a compiler error on the "authentication" section:
    >
    > Error 1 It is an error to use a section registered as
    > allowDefinition='MachineToApplication' beyond application level. This
    > error can be caused by a virtual directory not being configured as an
    > application in IIS. D:\WebSites\RegencyWeb\web.config 42
    >
    > If I put the "authentication" section in the root "system.web" (outside of
    > the location's "system.web") then the application compiles fine, but I'm
    > limited to a single Login.aspx for the application.
    >
    > So how can I solve this?
    >
    > Thanks for any insight,
    >
    > -Benton
    Mark Fitzpatrick, Mar 24, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Thieum22
    Replies:
    1
    Views:
    681
    Joe Smith
    Aug 6, 2004
  2. Replies:
    3
    Views:
    426
    Matt Humphrey
    Sep 23, 2006
  3. A. Cavallo
    Replies:
    0
    Views:
    470
    A. Cavallo
    May 24, 2009
  4. Grant Harmeyer

    Forms Authentication on Subdirectories of App

    Grant Harmeyer, Feb 10, 2004, in forum: ASP .Net Security
    Replies:
    1
    Views:
    109
    Hernan de Lahitte
    Feb 12, 2004
  5. Diane Y
    Replies:
    1
    Views:
    223
    do u find solution
    Mar 28, 2006
Loading...

Share This Page