T
Tilman
Hi,
I'm having a problem setting up web.config to challenge for authentication
on some pages, but not others.
Here is what I'm doing:
<configuration>
....
<system.web>
....
<authentication mode="Windows" />
<authorization>
<allow users="*"/>
</authorization>
....
</system.web>
<location path="server/local" allowOverride="false">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
I.e. i'd like to allow all users on all pages, except on all pages below
the server/local directory, where I'd like IIS to challenge anonymous users
for authentication. The odd thing is that this only seems to work if the
parent directory of 'local', i.e. 'server' exists on disk.
The thing is, that I'm working with a custom IHttpHandler that generates
pages dynamically, and uses the path to pages to decide which pages to create
(not ideal, maybe, but it's something I haven't got control over). That is,
neither the 'server' nor the 'local' directory exist on disk, and so pages
are returned without challenge. I can create some directories manually, as
they are fairly static, but others are created dynamically.
So, my question is, am I doing something wrong, or is it a bug. Or is this
how it's supposed to work, and if so, is there a work around?
Cheers,
Tilman
I'm having a problem setting up web.config to challenge for authentication
on some pages, but not others.
Here is what I'm doing:
<configuration>
....
<system.web>
....
<authentication mode="Windows" />
<authorization>
<allow users="*"/>
</authorization>
....
</system.web>
<location path="server/local" allowOverride="false">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
I.e. i'd like to allow all users on all pages, except on all pages below
the server/local directory, where I'd like IIS to challenge anonymous users
for authentication. The odd thing is that this only seems to work if the
parent directory of 'local', i.e. 'server' exists on disk.
The thing is, that I'm working with a custom IHttpHandler that generates
pages dynamically, and uses the path to pages to decide which pages to create
(not ideal, maybe, but it's something I haven't got control over). That is,
neither the 'server' nor the 'local' directory exist on disk, and so pages
are returned without challenge. I can create some directories manually, as
they are fairly static, but others are created dynamically.
So, my question is, am I doing something wrong, or is it a bug. Or is this
how it's supposed to work, and if so, is there a work around?
Cheers,
Tilman