473,795 Members | 2,954 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Requiring Authorization for a Single Subfolder

ASP.NET 2.0

How do I configure my web site to require forms authorization only for a
subfolder off the root? I know how to set Web.config for forms
authentication for the whole site, but I need the root folder to allow all
read access, and a single subfolder to require authorization.

Thanks for any assistance.

-Johnnie
Nov 19 '05 #1
4 1984
This should work in your root web.config :

<location path="/">
<system.web>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="/yoursubfolder">
<system.web>
<authorizatio n>
<allow users="?" />
</authorization>
</system.web>
</location>

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
=============== =============== ========
"Johnnie Norsworthy" <jl****@verizon .net> wrote in message
news:u2******** ******@TK2MSFTN GP09.phx.gbl...
ASP.NET 2.0

How do I configure my web site to require forms authorization only for a subfolder off
the root? I know how to set Web.config for forms authentication for the whole site, but
I need the root folder to allow all read access, and a single subfolder to require
authorization.

Thanks for any assistance.

-Johnnie

Nov 19 '05 #2
"Juan T. Llibre" <no***********@ nowhere.com> wrote in message
news:uK******** ******@TK2MSFTN GP12.phx.gbl...
This should work in your root web.config :

<location path="/">
<system.web>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="/yoursubfolder">
<system.web>
<authorizatio n>
<allow users="?" />
</authorization>
</system.web>
</location>


Thank you very very much Juan! I don't know where I missed that in the
documentation, because I sure looked for it awhile.
Nov 19 '05 #3
Don't get too excited, Johnnie.

I think I have a typo in the example I sent you,
and you still have to setup Forms Authorization for the subdirectory.

;-)

The typo is that the slash is not needed for the subdir, and I think you can even get
away without setting the location path for the main directory, by simply including :

<system.web>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
<location path="/yoursubfolder">
<system.web>
<authenticati on mode="Forms" >
<forms loginUrl="login .aspx" name=".ASPNETAU TH" protection="Non e" path="/subdir"
timeout="20" >
</forms>
</authentication>

<authorizatio n>
<allow users="?" />
</authorization>
</system.web>
</location>

Test both modes...and let me know how it went.

See a complete example at this KB :

http://support.microsoft.com/default...b;en-us;316871

The difference in that example, of course, is that instead
of requiring authorization, it allows it with :

<allow users ="*" />

But using <allow users ="?" /> requires that the user be authenticated.

You still have to setup Forms authentication for that subdirectory, though.


Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
=============== =============== ========
"Johnnie Norsworthy" <jl****@verizon .net> wrote in message
news:%2******** *******@TK2MSFT NGP15.phx.gbl.. .
"Juan T. Llibre" <no***********@ nowhere.com> wrote in message
news:uK******** ******@TK2MSFTN GP12.phx.gbl...
This should work in your root web.config :

<location path="/">
<system.web>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="/yoursubfolder">
<system.web>
<authorizatio n>
<allow users="?" />
</authorization>
</system.web>
</location>


Thank you very very much Juan! I don't know where I missed that in the documentation,
because I sure looked for it awhile.

Nov 19 '05 #4
Here is the Web.Config I used to make it work with some parts simplified:
<configuratio n xmlns="http://schemas.microso ft.com/.NetConfigurati on/v2.0">
<appSettings/>
<connectionStri ngs/>
<system.web>
<compilation debug="true">
<assemblies>
...
</assemblies>
</compilation>
<authenticati on mode="Forms">
<forms loginUrl="login .aspx">
<credentials passwordFormat= "Clear">
<user name="Test" password="Test"/>
</credentials>
</forms>
</authentication>
<authorizatio n>
<allow users="*"/>
</authorization>
<customErrors mode="RemoteOnl y" defaultRedirect ="error.htm" >
<error statusCode="403 " redirect="secur ity.htm"/>
<error statusCode="404 " redirect="missi ng.htm"/>
</customErrors>
</system.web>

<location path="customer" >
<system.web>
<authorizatio n>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>

Thanks for your help,
Johnnie
Nov 20 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
1995
AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!
by: phreeskier | last post by:
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation. the basic windows authentication for this .NET application is already setup. my problem lies within my inability to manipulate the username captured in the authentication process and my knowledge of how IIS is involved. specifically, i have the following questions: 1) what object(s) can be used so that the...
ASP / Active Server Pages
3
4873
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be protected by forms authentication. When I create forms authentication at root level it works but when I move my code up to the subfolder I get this error: Server Error in '/TestProjects/FormsAuthenticationTestingArea' Application.
ASP.NET
4
1570
Bug in Authorization??? IIS 5 Config Problem??
by: Mark Olbert | last post by:
I am having a devil of a time trying to get Forms authentication to work in a very simple test webapp (I've gotten it to work many, many times when developing on my WinXP client box, but I've just switched to doing development/debug on a Win2K server with IIS5, and something is obviously wrong). Here's the site: login.aspx /ssl/members/members.aspx
ASP.NET
2
2516
Forms Authentication question: How to have some pages open and some requiring forms authentication
by: Eric | last post by:
I am trying to build an app where the stuff in the root directory is open to all, but anything under the Restricted directory requires you to login and I want to use Forms to do it. I'm having trouble getting the web.config to work properly. First I tried to have a second web.config in the sub directory with authentication and authorization set to forms, but it blew up. Next, I tried to modify the root web.config in the following manner...
ASP.NET
0
1518
Authorization Failed - 401 - Custom Errors
by: gilly3 | last post by:
How do I use a Custom Error page for 401 - Authorization Failed errors? I tried the web.config method: <customErrors mode="On" defaultRedirect="/GeneralError.aspx"> <error statusCode="401" redirect="/AccessDenied.aspx" /> </customErrors> My application uses Windows Integrated Authentication, and restricts access to a single Windows User Group like this (in web.config):
ASP.NET
1
2146
Master pages and Forms Authorization
by: gilly3 | last post by:
I'd like to use a master page for (nearly) every page in my ASP.NET 2.0 website. I also have some webpages that I'd like to protect by using forms authorization. I have a page that requires authenticated users, so I've dropped it in a virtual application with a web.config that denies access to anonymous users like so:
ASP.NET
0
2045
User.IsInRole in fails unless authorization section limits access
by: ronscottlangham | last post by:
I have a web page that any authenticated user can access, but I dynamically enable/disable other asp.net controls on the web page based on the Role that they are in via C# code behind. My web config is as follows... <system.web> <authorization> <deny users="?" /> </authorization>
ASP.NET
5
3033
Returning subfolder name with path name
by: woolls01 | last post by:
I am using the following code Sub Ck() Dim strStartPath As String strStartPath = "d:\workpack\rra" ListFolder strStartPath End Sub
Visual Basic 4 / 5 / 6
3
1351
Authorization Confusion
by: Jonathan Wood | last post by:
I have a subfolder on my Website that contains images. It also contains the web.config file shown below. When I access the site, I get the Login page as expected. But if I type in the URL of an image in the folder that contains images, the image is displayed in the browser. I don't understand why I am not prevented from seeing the contents of this folder since I have not been authenticated. Does it have something to do with the fact...
ASP.NET
0
9673
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9522
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10003
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
9046
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
7544
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6784
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5440
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
5566
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
2
3730
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us