Authorization of specific pages

Ask a Question related to ASP.NET Security, Design and Development.

  1. Andy G #1

    Default Authorization of specific pages

    I have my authorization in web.config set to <deny users="?" />, this is
    what I want because we use forms authenthentication that sets a auth cookie.
    We have a few pages that need to be accessed without the user having the
    auth cookie. Is there a simple way to list the certain pages that you want
    "unprotected"? I tried using the below and I get that stupid server error
    telling you that your custom errors need to be set to off or something. I
    put the below outside the already established <configuration> and
    <system.web> settings. Thank you for any help or direction you might give
    me.

    <location path="file\path\here.aspx">
    <system.web>
    <authorization>
    <allow users="*" />
    </authorization>
    </system.web>
    </location>


    Andy G Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. Different Pool of Threads for specific pages
      In Weblogic server, it's possible to specify many Pool of Threads, and assign some Servlets to each Pool of Thread. If I use Coldfusion Server as a...
    2. Lock out specific pages?
      Hi, is it possible to lock pages from being updated with Contribute 3? Lets say you have a folder containing 6 files (index.htm, company.htm,...
    3. Sharing authorization/authentication between Classic ASP and ASP.NET pages?
      I have an administrative website that I've built that needs to incorporate both Classic ASP and ASP.NET pages. The site needs basic password...
    4. How do I link to specific pages in another PDF file?
      But clicking on the links merely opens the target file at page 1, i.e. it won't open at the chosen page within the selected file. If Mr....
    5. Turn Off security for specific pages
      In my case each page that needs to be secured has this entry in the web.config page : <location path="Webform1.aspx"> <system.web>...
  2. Andy G #2

    Default Re: Authorization of specific pages

    Forgot to mention that IIS settings are set up for forms authentication. The
    Basic authentication is not checked and aunonymous access is checked. I
    don't know if you need to know this or not.

    "Andy G" <ajgould@iastate.edu> wrote in message
    news:eBM7t63DFHA.3120@TK2MSFTNGP12.phx.gbl...
    > I have my authorization in web.config set to <deny users="?" />, this is
    > what I want because we use forms authenthentication that sets a auth
    cookie.
    > We have a few pages that need to be accessed without the user having the
    > auth cookie. Is there a simple way to list the certain pages that you
    want
    > "unprotected"? I tried using the below and I get that stupid server error
    > telling you that your custom errors need to be set to off or something. I
    > put the below outside the already established <configuration> and
    > <system.web> settings. Thank you for any help or direction you might give
    > me.
    >
    > <location path="file\path\here.aspx">
    > <system.web>
    > <authorization>
    > <allow users="*" />
    > </authorization>
    > </system.web>
    > </location>
    >
    >

    Andy G Guest
    Reply With Quote Reply With Quote
  3. Andy G #3

    Default Re: Authorization of specific pages

    I figured this out.

    It needs to go after the already established <configuration> tag, after the
    already established <system.web> tag but before the </configuration> tag at
    the end of the web.config file. Hope that makes sense.


    "Andy G" <ajgould@iastate.edu> wrote in message
    news:eBM7t63DFHA.3120@TK2MSFTNGP12.phx.gbl...
    > I have my authorization in web.config set to <deny users="?" />, this is
    > what I want because we use forms authenthentication that sets a auth
    cookie.
    > We have a few pages that need to be accessed without the user having the
    > auth cookie. Is there a simple way to list the certain pages that you
    want
    > "unprotected"? I tried using the below and I get that stupid server error
    > telling you that your custom errors need to be set to off or something. I
    > put the below outside the already established <configuration> and
    > <system.web> settings. Thank you for any help or direction you might give
    > me.
    >
    > <location path="file\path\here.aspx">
    > <system.web>
    > <authorization>
    > <allow users="*" />
    > </authorization>
    > </system.web>
    > </location>
    >
    >

    Andy G Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139