Forms Authentication

Øyvind Isaksen · Jan 22, 2006

I'm using Forms Authentication for my users to login to a website.
It works good, but there are a couple of files that should not be password
protected (such as "forgot password").

My question is:
Is there possible to specify some files that should not be password
protected?
EX: the file "forgotPassword.aspx" should not be password protected...

This is my Web.Config file:

<configuration>
<system.web>
<authentication mode="Forms">
<forms name=".loginASPX" loginUrl="default.aspx" protection="All"
timeout="480" path="/" />
</authentication>
<authorization>
<allow users="LoginOK" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

Thank you!!!

Karl Seguin [MVP] · Jan 22, 2006

Absolutely.

Check out:
http://www.devhood.com/tutorials/tutorial_details.aspx?tutorial_id=85

but basically, outside your <system.web> you can specify the a <location>
which overrides the generic rules, ala:

<location path="forgot.aspx">
<system.web>
<authentication mode="None" />
</system.web>
</location>

Karl

Øyvind Isaksen · Jan 22, 2006

Thank you, this worked!!!

"Karl Seguin [MVP]" <karl REMOVE @ REMOVE openmymind REMOVEMETOO . ANDME
net> wrote in message news:[email protected]...

Forms Authentication for single directory	1	Nov 14, 2008
Can't use forms authentication when using IIS	5	Dec 31, 2009
What am I doing wrong with authentication?	3	Jul 17, 2009
Forms Authentication	4	Dec 10, 2007
Forms Authentication not Redirecting	1	Oct 19, 2007
Trouble with forms authentication	7	Nov 3, 2004
Is the login control with sql server express a known bug	7	Jan 1, 2010
Problem with ASP.NET 2.0 Location override of Forms Authentication settings	1	Mar 13, 2007

Forms Authentication

Øyvind Isaksen

Karl Seguin [MVP]

Øyvind Isaksen

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads