how to let the web.config in the sub-directory to NOT to inherited from Root's web.config.

[Benny Ng]

Hi,all,

How to let the sub-directory to avoid the authentication control from Root's
webconfig?
I heard that we can add a new web.config to the sub-directory. And then we
can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)

In my application, the user can access the http://localhost/main/reminder
and needn't to authentication.


When I add the new web.config(cancel the forms authentication section), and
when I access this URL(http://localhost/main/reminder), The following error
shown:

*****************************************************
Configuration Error
Description: An error occurred during the processing of a configuration file
required to service this request. Please review the specific error details
below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS.

Source Error:


Line 38: by Microsoft that offers a single logon and core profile
services for member sites.
Line 39: -->
Line 40: <authentication mode="None">
Line 41: <!--<forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>-->
Line 42: </authentication>


Source File: C:\Projects.Net\SalesChecking\Reminder_Update\web.config
Line: 40
******************************************

Can anyone give me some suggestion about it?

Any suggestion about this are appreciated. Thanks!

Benny Ng

 

[ViewState]

try to make a application directory where the web.config will be located

 

[Tasos Vogiatzoglou]

Set the location tag in webconfig
in the first web.config
<location path="<path to app>" allowOverride="true">
</location>

in the second web.config to
<location path="" allowOverride="false">
</location>

 

[Juan T. Llibre]

No, that will not help him.

He wants one application with a subdirectory, not 2 applications.

Benny :

If "SalesChecking" is your "main" application, and is defined as an
Application is IIS, and "Reminder_Update" is your "reminder"
directory, which is *not* configured as an Application, you should
be able to place a properly configured web.config in it which changes
the authorization mode for that directory, without needing the "reminder"
subdirectory to be an application of its own, and without changing
the authentication scheme.

Please notice the phrase "a properly configured web.config",
and please notice that there's both "authorization" and "authentication" involved.

I mention that because the web.config you currently have is
configured to request Forms Authorization from the base directory:

Line 41: <forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>

You can simply delete the whole authentication section
of that web.config and replace it with :

<authorization>
<allow users="*" />
</authorization>

That should fix your error problem *and* allow your users
to use the resources in the "reminder" subdirectory freely.

I could have just posted the code to replace,
but I wanted you to understand *why* that needs to be done.

Also, you should review the differences in meaning between
"authentication" and "authorization", for future use.

In this case, you only need to change the "authorization" permissions;
you don't have to change the "authentication" permissions.

 

[Juan T. Llibre]

Hi, Tasos.

While -in principle- that would work in many situations,
in practice it would fail in this situation because what's needed
is not to request authentication again, but to change the
authorization mode for the subdirectory.

That is most easily done by getting rid of the authentication configuration
in the subdirectory's web.config, and replacing it with:

<authorization>
<allow users="*" />
</authorization>

 

[JIMCO Software]

Hi,all,

How to let the sub-directory to avoid the authentication control from
Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And
then we can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)

You could place another web.config in the subfolder and just remove the
<authentication> section. The authentication section has an AllowDefinition
of MachineToApplication. That means you can set it at the machine level or
the application level. You can't set it below the application level.

I always opt for a <location> tag in the root's web.config instead of adding
new web.configs. The reason is that if you add a new web.config in the
sub-folder, you will need to remember it's there and you might not!

You could easily add a <location> tag for your sub-folder. Just add this to
the root's web.config BETWEEN the closing </system.web> tag and the closing
</configuration> tag:

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003

 

[Juan T. Llibre]

Hi, Jim.

re:

I always opt for a <location> tag in the root's web.config instead of adding new
web.configs. The reason is that if you add a new web.config in the sub-folder, you will
need to remember it's there and you might not!

I suppose that's a question of developer preference.

My preference is to have a web.config in any subdirectory that
needs custom settings different from the main application.

My reason ? Sometimes you need extensive customizations and,
if you have many subdirectories, configuring everything in one base
web.config could lead to a humongous base web.config.

Also, remember that your whole application will restart if the base
web.config is edited just to change a subdirectory's custom settings.

That could cause some havoc with session variables which
should not be affected by changes in a subdirectory, for example,
because the Application won't be restarted if you edit a web.config
in a subdirectory which is not configured as an application.

I'm glad we both recommended that the authentication section
be eliminated, and that an authorization section be inserted, though.

That's the key to Benny's solution.

 

[JIMCO Software]

Hi, Jim.

re:

I suppose that's a question of developer preference.

Also, remember that your whole application will restart if the base
web.config is edited just to change a subdirectory's custom settings.

That could cause some havoc with session variables which
should not be affected by changes in a subdirectory, for example,
because the Application won't be restarted if you edit a web.config
in a subdirectory which is not configured as an application.

Yes, it's developer preference and it depends on how often you think you
might need to modify your configuration.

You are absolutely correct on both counts. Only the web.config in the root
is monitored for file change notifications, so you're better off putting a
web.config in the subfolder itself if you think you might need to modify the
configuration at some later point.

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003

 

[Benny Ng]

Hi,Llibre and JimCO and ViewState and Tasos,
Thank you for your's help. and I Slove this problem by your all helps.

At least, I select JimCo's solution.

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

This configuration section can let the sub-folder to avoid the Forms(users)
Authentication.

Now the pages that in that sub-folder can let all users to access without
authentication.

Seems now all runs smoothly.

Actually from your all opinions.Seems to add "location" section is better
than add sub-web.config file to the special folder.But anyway, maybe add
"location" is the best way to me . Surely it's very simple. ^-^

Thank you very much.


Benny Ng

 

[Benny Ng]

Hi,Llibre and JimCO and ViewState and Tasos,
Thank you for your's help. and I Slove this problem by your all helps.

At least, I select JimCo's solution.

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

This configuration section can let the sub-folder to avoid the Forms(users)
Authentication.

Now the pages that in that sub-folder can let all users to access without
authentication.

Seems now all runs smoothly.

Actually from your all opinions.Seems to add "location" section is better
than add sub-web.config file to the special folder.But anyway, maybe add
"location" is the best way to me . Surely it's very simple. ^-^

Thank you very much.


Benny Ng