S
Stephen MarcAurele
I'm very new to ASP.Net so be gentle.
I have a question about Forms authentication. My question involves the
loginUrl (~/login.aspx by default), and how that page seems to be above any
laws set down in the <authorization> configuration. Simply put, I've
observed that anonymous users are granted access to the loginUrl even if
that resource exists in a directory that forbids anonymous access (<deny
users="?"/>).
Although this exception seems resasonable, I am wondering if I am missing
something here since I can't find any documentation that states that the
loginUrl is not subject to <authorization> as all other pages are.
Thanks for any insight.
- Steve
I have a question about Forms authentication. My question involves the
loginUrl (~/login.aspx by default), and how that page seems to be above any
laws set down in the <authorization> configuration. Simply put, I've
observed that anonymous users are granted access to the loginUrl even if
that resource exists in a directory that forbids anonymous access (<deny
users="?"/>).
Although this exception seems resasonable, I am wondering if I am missing
something here since I can't find any documentation that states that the
loginUrl is not subject to <authorization> as all other pages are.
Thanks for any insight.
- Steve