Have not all the pages protected by the login page

My web.config looks like this concerning login :

<authentication mode="Forms">

<forms loginUrl="frmLogin.aspx" timeout="20" />

</authentication>

<authorization>

<deny users="?" /> <!-- Allow all users -->

</authorization>


And cookieless is set to True

I would like to know if it is possible to not have all my pages protected by
the login page. My login page performs some checks in its page_load (read
registry entries etc..) and if an error happens (missing registry keys for
example) I would like it to redirect to an Error page of my own. But if I
include this error page in my project as an aspx page (or even html fails
because it is not treated as aspx and will not load because of cookiless,
session ID appears in the URL and seems to cause problems) it will become
protected by the login page so I won't see it anyways...

Someone can help ?


--
Philippe Meunier
Programmer
CHCA Computer Systems Inc.

re: Have not all the pages protected by the login page

Hi Philippe,

The following article looks like it's exactly what you want.
316871 HOW TO: Control Authorization Permissions in an ASP.NET Application
http://kb/article.asp?id=Q316871

Thank you, Mike
Microsoft, ASP.NET Support Professional

Microsoft highly recommends to all of our customers that they visit the
http://www.microsoft.com/protect site and perform the three straightforward
steps listed to improve your computer’s security.

This posting is provided "AS IS", with no warranties, and confers no rights.


--------------------[color=blue]
> From: "Philippe Meunier" <pmeunier@chca.ca>
> Subject: Have not all the pages protected by the login page
> Date: Fri, 24 Oct 2003 10:41:24 -0400
> Lines: 35
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> Message-ID: <ecwcKzjmDHA.3700@TK2MSFTNGP11.phx.gbl>
> Newsgroups: microsoft.public.dotnet.framework.aspnet
> NNTP-Posting-Host: 206.47.191.74
> Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTN GP11.phx.gbl
> Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.framework.aspnet:186333
> X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
>
> My web.config looks like this concerning login :
>
> <authentication mode="Forms">
>
> <forms loginUrl="frmLogin.aspx" timeout="20" />
>
> </authentication>
>
> <authorization>
>
> <deny users="?" /> <!-- Allow all users -->
>
> </authorization>
>
>
> And cookieless is set to True
>
> I would like to know if it is possible to not have all my pages protected[/color]
by[color=blue]
> the login page. My login page performs some checks in its page_load (read
> registry entries etc..) and if an error happens (missing registry keys for
> example) I would like it to redirect to an Error page of my own. But if I
> include this error page in my project as an aspx page (or even html fails
> because it is not treated as aspx and will not load because of cookiless,
> session ID appears in the URL and seems to cause problems) it will become
> protected by the login page so I won't see it anyways...
>
> Someone can help ?
>
>
> --
> Philippe Meunier
> Programmer
> CHCA Computer Systems Inc.
>
>
>[/color]