You need to specify <authentication > etc on the root level, therefore you
need to do it kind of twisted
<?xml version="1.0" encoding="utf-8" ?>
<configuratio n>
<appSettings>
<add key="ConnStr" value="Data Source=myDataSo urce;Initial
Catalog=myDb;Us er=myUser; Password=myPass word"/>
</appSettings>
<system.web>
<!-- Authentication element on root level, just specify with
authorization that root level is public -->
<authenticati on mode="Forms">
<forms loginUrl="Admin/Login.aspx"/>
</authentication>
<authorizatio n>
<allow users="*" />
</authorization>
<compilation defaultLanguage ="c#" debug="true"/>
<customErrors mode="RemoteOnl y"/>
<trace enabled="false" requestLimit="1 0" pageOutput="fal se"
traceMode="Sort ByTime" localOnly="true "/>
<sessionState mode="InProc"
stateConnection String="tcpip=1 27.0.0.1:42424" sqlConnectionSt ring="data
source=127.0.0. 1;Trusted_Conne ction=yes"
cookieless="fal se" timeout="20" />
<globalizatio n requestEncoding ="utf-8" responseEncodin g="utf-8"/>
</system.web>
<!-- Deny Access to Admin folder -->
<location path="Admin">
<system.web>
<authorizatio n>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU
http://blogs.aspadvice.com/joteke
"Adam J Knight" <ad**********@o ptusnet.com.au> wrote in message
news:ew******** **********@TK2M SFTNGP15.phx.gb l...
Hi,
I am not to clued up when it comes to Web.config.
Here is a butchered version, probably totally wrong..that attempts to
acheive what i am after.
Obviously it is incorrect, and producing an error..Would appreciated the
correct syntax!!!!
This is an attempt to apply authentication to a 'Admin' subject directory,
but have no security on pages in root directory...
Cheers,
Adam
<?xml version="1.0" encoding="utf-8" ?>
<configuratio n>
<appSettings>
<add key="ConnStr" value="Data Source=myDataSo urce;Initial
Catalog=myDb;Us er=myUser; Password=myPass word"/>
</appSettings>
<system.web>
<compilation defaultLanguage ="c#" debug="true"/>
<customErrors mode="RemoteOnl y"/>
<trace enabled="false" requestLimit="1 0" pageOutput="fal se"
traceMode="Sort ByTime" localOnly="true "/>
<sessionState mode="InProc"
stateConnection String="tcpip=1 27.0.0.1:42424" sqlConnectionSt ring="data
source=127.0.0. 1;Trusted_Conne ction=yes"
cookieless="fal se" timeout="20" />
<globalizatio n requestEncoding ="utf-8" responseEncodin g="utf-8"/>
</system.web>
<location path="Admin">
<system.web>
<authenticati on mode="Forms">
<forms loginUrl="Admin/Login.aspx"/>
</authentication>
<authorizatio n>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>