S
Steve R.
I am developing my ASP.NET application with VS and the ASP.NET server
on the same box. When I attempt to access protected (in web.config)
pages locally, inside or outside of VS, it incorrectly lets me in
without asking me to log in. On a remote box, it behaves correctly. I
have other apps on that server that force a logon correctly when
accessed locally. I've developed several apps on this exact same box
and this issue has never shown up before.
This is just a simple development web server. Both apps mentioned are
in the same Default Web Site, both web configs are the same. I've
stared at both of them for what seems like hours. I've checked the
settings in IIS, again, no appaarent differences. Here's the relevant
part of web.config for the app that allows complete access without a
logon:
<system.web>
<authentication mode="Forms">
<forms name="AHDAuth" loginUrl="logon.aspx" protection="All"
path="/" />
</authentication>
</system.web>
SNIP
<location path="Quote.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="SupplierInfo.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
Any help would be accepted gratefully.
on the same box. When I attempt to access protected (in web.config)
pages locally, inside or outside of VS, it incorrectly lets me in
without asking me to log in. On a remote box, it behaves correctly. I
have other apps on that server that force a logon correctly when
accessed locally. I've developed several apps on this exact same box
and this issue has never shown up before.
This is just a simple development web server. Both apps mentioned are
in the same Default Web Site, both web configs are the same. I've
stared at both of them for what seems like hours. I've checked the
settings in IIS, again, no appaarent differences. Here's the relevant
part of web.config for the app that allows complete access without a
logon:
<system.web>
<authentication mode="Forms">
<forms name="AHDAuth" loginUrl="logon.aspx" protection="All"
path="/" />
</authentication>
</system.web>
SNIP
<location path="Quote.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="SupplierInfo.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
Any help would be accepted gratefully.