Thanks Saravana,
But I still get problems. Its shows an access denied problem.
I have a parent directory called app. I configured it as a virtual
directory.
I use the IIS configuration tool from control panel, right click app -> all
tasks -> permission wizard -> select new security settings -> public
website.
Now I can access the pages in app folder as
http://localhost/app/index1.aspx
In the web.config of the app folder I have the following data:
************************************************** ********
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation defaultLanguage="c#" debug="true" />
<customErrors mode="RemoteOnly" />
<authentication mode="Windows" />
<trace enabled="false" requestLimit="10" pageOutput="false"
traceMode="SortByTime" localOnly="true" />
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user id=sa;password="
cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
<location path="admin">
<system.web>
<authorization>
<allow users="abcd" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>
****************************
I have a subfolder admin in my app folder.
Actually I made it as another application and copied the application's
folder as a subfolder called admin in my app folder.
The admin folder therefore has a web.config too.
But I deleted it so that there is no ambiguity.
I have not made the admin subfolder as a virtual directory.
Now with the above security settings, I should get the the files in the
admin folder as
http://localhost/app/admin/index1.aspx
It should ask for authentication and when I enter the username password of
user abcd, it should let me in.
But This does not happen.
I get an error.
I tried making the admin subfolder as a virtual directory.
I even tried to retain its web.config and place this within it:
<authorization>
<allow users="abcd" />
<deny users="*" />
</authorization>
In that case it works, but it allows all users in.
Not abcd alone.
Can you please throw light on this ?
Thanks a lot
SeeSharp.
"Saravana" <sa******@sct.co.in> wrote in message
news:Oc**************@TK2MSFTNGP11.phx.gbl...
You can go for form authentication or windows authentication, then use
location tag or create web.config (in that folder) to specify particular
permission for specific folder using role based authorization. For example
to set permission to particular folder using location tag,
<location path="<foldername>">
<system.web>
<autorization>
<allow users="Admin">
<deny users="*">
</autorization>
</system.web>
</location>
--
Saravana
Microsoft India Community Star,
MCAD,SE,SD,DBA.
"See Sharp" <sm****@inapp.com> wrote in message
news:#U**************@TK2MSFTNGP11.phx.gbl... Hello all,
I have a set of admin pages which are put in a subfolder called admin
inside my application folder.
I want to limit access to these admin pages.
How can I do this?
In Linux, I can password protect the directory, so that whenever a page
within the admin subfolder is accessed for the first time, an
authentication window pops up asking for username-password. How can I implement the
same in IIS ?
This way I can avoid having to programmatically implement login feature.
Can anyone please throw light on this ?
Thanks
SeeSharp.