Yes it does make sense ,,,,
as you can set the user rights ( as with windows authentication )
example from one of my projects
<!--
<authentication mode="Forms" /> 'TEMOT <authentication mode="Windows" />
'APE
->
<authentication mode="Forms" />
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can
allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?"
means anonymous
(unauthenticated) users.
-->
<authorization>
<!-- <deny users="?" /> TEMOT <allow users="*" /> APE -->
<deny users="?" />
<!-- <allow users="[comma separated list of users]"
e roles="[comma separated list of roles]"/>
<deny e users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
As you see my customer TEMOT uses forms authentication and my customer APE
uses windows authentication
wich means in my project that Customer Temot has a Logon procedure ? means
deny all unauthenticated users
where the * means for APE that they will be granted the windows anonymous
user rights ( so unauthenticated users can access the website )
TIP :
if you place below tag under the closing tag of system.web you can exclude
somepages from forms authentication
this can be verry handy if you want the user to show an alternate page when
they failed to login ( it can then come from the same virtual dir )
<location path="justapage.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
"Water Cooler v2" <wt*****@yahoo.com> wrote in message
news:11*********************@g43g2000cwa.googlegro ups.com...
Is the authorization tag/class in web.config\<system.web> available
only for Windows authorization? Does it make sense for Forms based
authentication?
