Ask a Question related to ASP.NET Security, Design and Development.
-
Alex Maghen #1
Forms-Based Security below Application Level
If I have a site where I want to use Forms-Based security but only on one or
two SUB-directories of the Application root, I'm confused about how that
works.
Let's say I want wide-open annonymous access to the docroot and all of the
sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
confused about how I configure web.config to do this.
Alex
Alex Maghen Guest
-
Redirect after login based on Access Level
Hi All I have been working through the tutorial on http://dmxzone.com/showDetail.asp?TypeId=28&NewsId=7645 to try and work out how to redirect a... -
Applying security at folder level using forms authentication
Hi I have two folders in the .net application,one can be accessed by everyone adn the other needs to be accessed only through submitting login and... -
Forms based security
Hi there, In forms based security do I have to arrange pages into subdirectories in order to secure them? I want the public to access my home page... -
Page Level role-based authentication
I've set up and managed to use ASP.NET role-based authentication. I find the automatic checking and redirecting for unauthorized pages really... -
Page level, IP based security...
I have a Web Project containing two WebForms and one WebService. What's the best way to limit who is able to access those three items? I want the... -
ranganh #2 RE: Forms-Based Security below Application Level
Hi Alex,
You can very well do that.
In your web.config of the root directory, just put the following code:-
<location path="SecureFolder1">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="SecureFolder2">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
The above would deny anonymous access to only those files which are under
the securefolder1 and securefolder2. If you want to deny access to everyone,
make it to deny users=*, and if you want to deny particular user use deny
user="username", for roles, deny roles="rolename", basically you can do all
these settings at the web.config level.
Write back if you have doubts.
"Alex Maghen" wrote:
> If I have a site where I want to use Forms-Based security but only on one or
> two SUB-directories of the Application root, I'm confused about how that
> works.
>
> Let's say I want wide-open annonymous access to the docroot and all of the
> sub-directories except for /SecureFolder1/* and /SecureFolder2/*. I'm
> confused about how I configure web.config to do this.
>
> Alexranganh Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
