web.config and location...

N

Natan

I have an directory structure like this:

localhost/site/myapp
localhost/site/myapp/author/
localhost/site/myapp/revisor/
localhost/site/myapp/editor/
localhost/site/myapp/admin/

myapp is an application and is where my web.config is located. I must
create 4 completely separated areas for authors, revisors, and editor
and an admin. The 4 areas will be completely different, so i put each of
them in a different folder.

So, each of the 4 folders have a login form, the user authenticates and
can do his job. I am trying to use the Form Authentication that ASP.NET
provides, but i don`t want an user authenticated for "author" to have
access to "revisor" area... or an "editor" have access to "admin". there
are no privilegies, no admin will access author area. So each folder
will have it`s own authentication.

I tried this:

[localhost/site/myapp/web.config]
<configuration>
<location path="author">
<authentication mode="Forms">
<forms name="AUTHOR_AUTH" loginUrl="~/author/login.aspx" />
</authentication>
<authorization>
<deny users="?">
</authorization>
</location>

<location path="revisor">
<authentication mode="Forms">
<forms name="REVISOR_AUTH" loginUrl="~/revisor/login.aspx" />
</authentication>
<authorization>
<deny users="?">
</authorization>
</location>

<and etc="... =)"/>
</configuration>

but it`s not redirecting to the login page.. i can enter any folder
always. I don`t know if my web.config is wrong, or Windows
Authentication comes first to authorize...

anyone can help?
thanks...
 
C

Curt_C [MVP]

you can only have one auth method per site/vd.
You will have to create each with its own virtual dir if you want it to have
it's own auth
Otherwise, have them login at the top level, and control auth based on
groups,id's,etc
 
N

Natan

Curt_C said:
you can only have one auth method per site/vd.
You will have to create each with its own virtual dir if you want it to have
it's own auth
Otherwise, have them login at the top level, and control auth based on
groups,id's,etc
Click to expand...

what prevents an app from having multiple logins, if you have the
"location" tag to specify different configs for different directories
and the cookie path can be changed?

And how do i disable windows authentication in my app?
 
C

Curt_C [MVP]

web.config wont allow it, it's part of the asp.net framework I believe. ONE
auth type per "site/vd". You can override/exclude/include but you can't set
multiple types

--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

location element in web.config 1
web.config error in cassini 2.0 4
location path not functioning within web.config -- no images/css 0
Problem with ASP.NET 2.0 Location override of Forms Authentication settings 1
Restrict access to Classic ASP pages in web.config 2
Authenticate Users In Web.Config? 1
Web.config <location> not redirecting 5
ASP.NET forms security and web.config 1

Members online

Total: 31 (members: 1, guests: 30)
Robots: 495

Forum statistics

Threads
473,769
Messages
2,569,579
Members
45,053
Latest member
BrodieSola

Latest Threads

Top