A
Adam
I have an asp.net site for which I want to protect two different folders
(for arguments sake, call them "members" and "admin").
I'm reading username and password info from a database, which is working
fine. My problem is that I can't see how, using the web.config file, I can
specify which login page each folder uses.
Part of my web.config in the root looks like:
<authentication mode = "Forms" >
<forms loginUrl = "login.aspx"
name = ".ASPXAUTH"
protection="All"
timeout="10"
path="/"
/>
(with an <allow users="?" />).
And in both the /admin and /members directory, it looks like:
<authorization>
<deny users="?" />
</authorization>
So when I try to access a aspx file in /admin, I get redirected to
/login.aspx. However, if I also want to protect the /members directory, how
do I configure it? At the moment, it's using the same session var
(.ASPXAUTH) for both types of login.
Currently, I also have a web.config in /members, but it looks the same as
the one in /admin, so when the user tries to access either the /members or
/admin directory they are redirected to /login.aspx. I want to members to
be redirected to members.login.aspx, and admin to redirect to
admin.login.aspx.
I hope that makes sense! I'm having problems explaining myself!
TIA,
A.
(for arguments sake, call them "members" and "admin").
I'm reading username and password info from a database, which is working
fine. My problem is that I can't see how, using the web.config file, I can
specify which login page each folder uses.
Part of my web.config in the root looks like:
<authentication mode = "Forms" >
<forms loginUrl = "login.aspx"
name = ".ASPXAUTH"
protection="All"
timeout="10"
path="/"
/>
(with an <allow users="?" />).
And in both the /admin and /members directory, it looks like:
<authorization>
<deny users="?" />
</authorization>
So when I try to access a aspx file in /admin, I get redirected to
/login.aspx. However, if I also want to protect the /members directory, how
do I configure it? At the moment, it's using the same session var
(.ASPXAUTH) for both types of login.
Currently, I also have a web.config in /members, but it looks the same as
the one in /admin, so when the user tries to access either the /members or
/admin directory they are redirected to /login.aspx. I want to members to
be redirected to members.login.aspx, and admin to redirect to
admin.login.aspx.
I hope that makes sense! I'm having problems explaining myself!
TIA,
A.