access only for authorizated/authenticated users, problem

J

Jeff

Hey

asp.net 2.0

I want my website to be available only for authenticated users (except the
front page (Default.aspx) which all users can view). If an anonymous user
tryes to access other pages than the default.aspx, then the user should be
redirected to AccessDenied.aspx.. There is the problem. I tested as a
unauthenitcated user and clicked on the menu item, instead of redirecting me
to AccessDenied.aspx I was redirected to Default2.aspx page... Default2.aspx
is the url in the menu item (see part of my web.sitemap below)

Below are some of my web.config settings:

I have a web portal which I want only to be accessible by authorizated
users. So I added these settings to web.config:
<authorization>
<allow users="*"/>
<deny users="?" />
</authorization>

<authentication mode="Forms">
<forms cookieless="AutoDetect"
loginUrl="~/AccessDenied.aspx"
name="TBHFORMAUTH" />
</authentication>

But I want the default.aspx page to be viewable for all users so I added
this setting:
<location path="default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

web.sitemap:
<siteMapNode url="Default.aspx" title="Home" description="">
<siteMapNode url="~/Default2.aspx" title="My Profile" description="" >
.....

Any ideas how I should solve this problem?

Best Regards!

Jeff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,968
Messages
2,570,150
Members
46,697
Latest member
AugustNabo

Latest Threads

Top