Bypass forms authentication

CJF · CJF

My application uses forms-based authentication.
In my .NET project I have a subfolder to store forms that display
user-friendly error messages to the user.
I also have an http module to handle prerequests for creating my database
objects and connections. If the database connection fails I want the user
to be redirected to one of my error pages. The problem is if the connection
fails before the user has an opportunity to authenticate then the user gets
redirect to the error page, which in turn redirects them to the sign-in
page, which in turn fails to connect to the db and redirects them to the
error page (and round and round we go!). I created a web.config file for my
subfolder and set the authorization to allow all users, but it's not
allowing the user to see the error page and still invokes forms
authentication by using the authentication and authorization settings in the
parent web.config file. If I go to the error page by typing in the URL
directly it works, but it doesn't work if I redirect in the code.

How can I allow redirection to a page in the project and bypass the
authentication on a subfolder or form basis? Should the child web.config
file override the parent and allow all users if I choose?

Thx, Chris

Arvind P Rangan · Arvind P Rangan

Hi Chris,
Add this after the first </sytem>
before </configuration>
<location path="FOLDERNAME">
<system.web>
<compilation defaultLanguage="vb/c#" debug="true" />
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Check it out This Works.
Arvind
"CJF" <chrisf@unr.edu> wrote in message
news:up$W7phAEHA.1796@TK2MSFTNGP12.phx.gbl...

> My application uses forms-based authentication.
> In my .NET project I have a subfolder to store forms that display
> user-friendly error messages to the user.
> I also have an http module to handle prerequests for creating my database
> objects and connections. If the database connection fails I want the user
> to be redirected to one of my error pages. The problem is if the

connection

> fails before the user has an opportunity to authenticate then the user

gets

> redirect to the error page, which in turn redirects them to the sign-in
> page, which in turn fails to connect to the db and redirects them to the
> error page (and round and round we go!). I created a web.config file for

my

> subfolder and set the authorization to allow all users, but it's not
> allowing the user to see the error page and still invokes forms
> authentication by using the authentication and authorization settings in

the

> parent web.config file. If I go to the error page by typing in the URL
> directly it works, but it doesn't work if I redirect in the code.
>
> How can I allow redirection to a page in the project and bypass the
> authentication on a subfolder or form basis? Should the child web.config
> file override the parent and allow all users if I choose?
>
> Thx, Chris
>
>

CJF · CJF

Hi Arvind,
I tried using the location element and it still loops between pages. I
placed the location block in my project's web.config and when that didn't
work, I put it in my subfolder's web.config. I also tried specifying a
specific file. I'm wondering if it's the ordering of events that still
causing it, since I'm doing the db connect on the prerequest event. I don't
know at what stage the web.config file is interpreted.
I'll have to find some other way to work around that.

"Arvind P Rangan" <arvind99@hotmail.com> wrote in message
news:egmluOpAEHA.712@tk2msftngp13.phx.gbl...

> Hi Chris,
> Add this after the first </sytem>
> before </configuration>
> <location path="FOLDERNAME">
> <system.web>
> <compilation defaultLanguage="vb/c#" debug="true" />
> <authorization>
> <allow users="*"/>
> </authorization>
> </system.web>
> </location>
> Check it out This Works.
> Arvind
> "CJF" <chrisf@unr.edu> wrote in message
> news:up$W7phAEHA.1796@TK2MSFTNGP12.phx.gbl...

> > My application uses forms-based authentication.
> > In my .NET project I have a subfolder to store forms that display
> > user-friendly error messages to the user.
> > I also have an http module to handle prerequests for creating my

database

> > objects and connections. If the database connection fails I want the

user

> > to be redirected to one of my error pages. The problem is if the

> connection

> > fails before the user has an opportunity to authenticate then the user

> gets

> > redirect to the error page, which in turn redirects them to the sign-in
> > page, which in turn fails to connect to the db and redirects them to the
> > error page (and round and round we go!). I created a web.config file

for

> my

> > subfolder and set the authorization to allow all users, but it's not
> > allowing the user to see the error page and still invokes forms
> > authentication by using the authentication and authorization settings in

> the

> > parent web.config file. If I go to the error page by typing in the URL
> > directly it works, but it doesn't work if I redirect in the code.
> >
> > How can I allow redirection to a page in the project and bypass the
> > authentication on a subfolder or form basis? Should the child

web.config

> > file override the parent and allow all users if I choose?
> >
> > Thx, Chris
> >
> >

>
>

Bypass forms authentication

Thread Tools

Display

Bypass forms authentication

Similar Questions and Discussions

Accessing htm files without authentication (forms authentication)

ASP.Net Forms authentication with basic authentication popup

Forms authentication then redirection to a secure web with NT authentication?

Authentication ticket, cookieless, forms authentication?

Forms authentication with Windows authentication

Re: Bypass forms authentication

Re: Bypass forms authentication

Posting Permissions