This is what my web.config file currently looks like. I only want my users to be able to access their pages in the /Login folder after they've logged in. With what I have now, they can still get to any of the pages in the /Login folder without logging in. I think I'm missing something simple. Any ideas?
<configuration>
<location path="khooper/Login">
<system.web>
<customErrors mode="Off"/>
<compilation debug="true"/>
<authentication mode="Forms">
<forms name="appNameAuth" loginUrl="index.aspx" protection="All" timeout="60" path="/">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>Have a look at :Using Forms Authentication in ASP.NET - Part 2
Regards
I think you wants to apply security on a folder name Login
Take a look at this web.config file
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation defaultLanguage="c#" debug="false" />
<customErrors mode="RemoteOnly" />
<authentication mode="Forms">
<forms loginUrl="Login/login.aspx" protection="All" path="/" />
</authentication>
<authorization>
<allow users="*" />
</authorization>
<trace enabled="false" requestLimit="10" pageOutput="false"
traceMode="SortByTime" localOnly="true" />
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
<location path="Login">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment