Web config security settings

Kazim Kargi · Aug 21, 2003

Hi all;
I want to use user name and password in my asp.net project
for all aspx files but not for asmx files. Or i want to
use some files with user name but some another not
In web config my configuration is;
authentication mode="Forms">
<forms loginUrl="tom/ortak/LoginPage.aspx"
protection="All" path="/tom/"/>
</authentication>

<authorization>
<deny users="?"/>
</authorization>

I want some files not to ask user name/ pass while other
project files ask on same time. How can i do?

Thanks for your help...

Teemu Keiski · Aug 21, 2003

In the same web.config (that means also files in the same application)
specify a <location> tag (inside <configuration> outside <system.web>) that
points to the file. Inside it specify differentiating authorization details.

....
</system.web>
<location path="publicpage.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
....
</configuration>

If you need to protect other content than normal ASP.NET stuff like aspx,
asmx etc, you need to map that file extension in IIS for ASP.NET's ISAPI dll
so those files are served by ASp.NET (that they are *not* by default)

--
Teemu Keiski
MCP, Designer/Developer
Mansoft tietotekniikka Oy
http://www.mansoft.fi

AspInsiders Member, www.aspinsiders.com
ASP.NET Forums Moderator, www.asp.net
AspAlliance Columnist, www.aspalliance.com

How to effectively develop a web application from scratch?	0	Jul 2, 2023
location path not functioning within web.config -- no images/css	0	Mar 25, 2010
ASP.NET Forms Authentication with Oracle Integrated Security	2	Apr 25, 2006
authentication mode for specific files?	1	Jun 15, 2006
security...	0	Jun 11, 2006
Web Config Error?	2	Jan 5, 2005
aspx security?	1	Jan 7, 2005
Role base security and RedirectUrl	3	Oct 6, 2008

Web config security settings

Kazim Kargi

Teemu Keiski

Ask a Question

Similar Threads

Staff online

Members online

Forum statistics

Latest Threads