forms authentication in subdirectory

The issue is that you can't put the Authentication node in sub directory
like that. One option would be to put your FormsAuthentication node in your
App Root and then use the location element to control whether or not you are
going require authentication.

Example (assuming the sub directory is "Admin"):

<!-- this would appear in the <system.web> section of your web.config -->
<authorization>
<allow users="*" /> <!-- Allow all users to the public location -->
</authorization>

<!-- this would appear in the configuration section (probably prior to
<system.web> -->
<location path="Admin">
<system.web>
<authorization>
<deny users="?" /> <!-- Require the Forms Authentication -->
</authorization>
</system.web>
</location>

I haven't tried that exact method personally but something like that might
at least be a start.

-Kyle

"Justin" <Ju****@discussions.microsoft.com> wrote in message
news:D4**********************************@microsof t.com...

I have an admin area in a sub directory of the root application that I am
trying to password protect with forms authentication with a web.config in the subdirectory.

when I try to access the login page or any other pages I get this error:

It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

Any suggestions?

Thanks, Justin.

Actually I have tried using the location element but it did'nt work like it
was suppose to, it protected the root directory not just the Admin directory.

Any ideas why it would do that?

"Kyle Eberle" wrote:

The issue is that you can't put the Authentication node in sub directory
like that. One option would be to put your FormsAuthentication node in your
App Root and then use the location element to control whether or not you are
going require authentication.

Example (assuming the sub directory is "Admin"):

<!-- this would appear in the <system.web> section of your web.config -->
<authorization>
<allow users="*" /> <!-- Allow all users to the public location -->
</authorization>

<!-- this would appear in the configuration section (probably prior to
<system.web> -->
<location path="Admin">
<system.web>
<authorization>
<deny users="?" /> <!-- Require the Forms Authentication -->
</authorization>
</system.web>
</location>

I haven't tried that exact method personally but something like that might
at least be a start.

-Kyle

"Justin" <Ju****@discussions.microsoft.com> wrote in message
news:D4**********************************@microsof t.com...

I have an admin area in a sub directory of the root application that I am
trying to password protect with forms authentication with a web.config in

the

subdirectory.

when I try to access the login page or any other pages I get this error:

It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This

error

can be caused by a virtual directory not being configured as an

application

in IIS.

Any suggestions?

Thanks, Justin.