newbie: asp.net 2.0 security question

[Jeff]

Hey

asp.net 2.0

Below are some settings from my web.sitemap file and my web.config file.
With the current settings unathenticated users cannot view the Default.aspx
page. But I want unathenticated users to be able to view the Default.aspx
page.

web.sitemap:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode url="Default.aspx" title="Home" description="">
<siteMapNode url="~/SecTest.aspx" title="Test" description="" >
</siteMapNode>
.... more sitemap nodes

web.config:
<authentication mode="Forms">
<forms cookieless="AutoDetect"
loginUrl="~/AccessDenied.aspx"
name="TBHFORMAUTH" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>

I tryed to modify the "Home" SiteMapNode to <siteMapNode url="Default.aspx"
roles="?" title="Home" description=""> but I get an error saying that
authorization rules cannot contain "?"

What is the best practice here to enable unathenticated users access to the
Default.aspx page?

Jeff

 

[Cowboy \(Gregory A. Beamer\)]

Create a location for default.aspx:

<location path="default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

That will solve the problem.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

*************************************************
Think outside of the box!
*************************************************