By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,889 Members | 1,373 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,889 IT Pros & Developers. It's quick & easy.

Web.config file protecting sub-folders only

P: n/a
Hi,

I'm trying to protect one of my subfolders from Web.config file in my root
folder. Here is my directory structure

/ // My shopping cart
/admin // Shopping cart admin which needs to be protected

Now in my Web.config how can I protect just the /admin folder (which is not
a virtual directory) it's simply a folder in my / folder?

I tried

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="admin/Login.aspx" timeout="30"
protection="All" path="/admin" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

but it doesn't work. Even when you try to access files in my / folder it
redirects you to my /admin/login.aspx file

Thank you
Maz
Nov 16 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Hi Maziar Alfatoun,

Can you try this and let me know whether it is working or not?

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

<system.web>

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="Login.aspx" protection="All" timeout="30"
path="/" />
</authentication>

<compilation debug="true" />

</system.web>

<location path="admin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

</configuration>

Please correct me if i am wrong. Thanks. Hope it helps.
--
Regards,
Chua Wen Ching :)
"Maziar Aflatoun" wrote:
Hi,

I'm trying to protect one of my subfolders from Web.config file in my root
folder. Here is my directory structure

/ // My shopping cart
/admin // Shopping cart admin which needs to be protected

Now in my Web.config how can I protect just the /admin folder (which is not
a virtual directory) it's simply a folder in my / folder?

I tried

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="admin/Login.aspx" timeout="30"
protection="All" path="/admin" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

but it doesn't work. Even when you try to access files in my / folder it
redirects you to my /admin/login.aspx file

Thank you
Maz

Nov 16 '05 #2

P: n/a
Thanks... I already got it to work using the following directives in my
Web.Config file

<authentication mode="Forms">
<forms loginUrl="admin/Login.aspx" protection="All" timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="admin" password="12345" />
</credentials>
</forms>
</authentication>

and in the Web.Config file of my sub-folders
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authorization>
<allow users="admin" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

Thanks
Maziar Aflatoun
"Chua Wen Ching" <ch************@nospam.hotmail.com> wrote in message
news:7E**********************************@microsof t.com...
Hi Maziar Alfatoun,

Can you try this and let me know whether it is working or not?

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

<system.web>

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="Login.aspx" protection="All"
timeout="30"
path="/" />
</authentication>

<compilation debug="true" />

</system.web>

<location path="admin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

</configuration>

Please correct me if i am wrong. Thanks. Hope it helps.
--
Regards,
Chua Wen Ching :)
"Maziar Aflatoun" wrote:
Hi,

I'm trying to protect one of my subfolders from Web.config file in my
root
folder. Here is my directory structure

/ // My shopping cart
/admin // Shopping cart admin which needs to be protected

Now in my Web.config how can I protect just the /admin folder (which is
not
a virtual directory) it's simply a folder in my / folder?

I tried

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="admin/Login.aspx" timeout="30"
protection="All" path="/admin" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

but it doesn't work. Even when you try to access files in my / folder it
redirects you to my /admin/login.aspx file

Thank you
Maz

Nov 16 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.