Hi James:
Well, it depends on how you organize your application(s). To IIS and
ASP.NET, each virtual directory can be treated as its own application, with
its own web.config file, so if your application design requires multiple
levels of authentication, you might consider using multiple virtual
directories. One major downside to this approach is that, by design, you
can't include .ascx files from other applications (e.g., a common header or
footer, for example), but it's an option nonetheless.
If that doesn't work for you, you'll have to implement some kind of
permission-checking model of your own, on top of the one provided with
ASP.NET. I've done this by storing a cookie called "memberID", for example,
and with each page request, after checking the corresponding memberType
value in my database, determining whether the requesting user has permission
to access each individual page or page object. It's a little more involved,
of course, but it's not really that complicated.
I'm almost positive these are your only two options. Perhaps others will be
able to shed more light.
Hope it helps,
Chris
"James X. Li" <do*********@abc.net> wrote in message
news:u9**************@TK2MSFTNGP12.phx.gbl...
Is there a way to implement multiple login forms for ASP.NET applications?
With our application we want to implement simple login form
for normal resources (downloadable files), but more rigorous login forms
for tasks like administration and configuration. The current ASP.NET
seems only to
allow to a single login form via the authentication element in web.config
in the root directory.
One work-around for our problem is implementing a directory dependent
login forms which displays different content depending on the ReturnUrl
query parameter. This solution will become really messy if the application
become for complex. It there a more elegant alternative to this
work-around?
Thanks in advance
James X. Li