Hi, I've configured a web app to use windows authentication and also
set up two separate subdirectories to use forms authentication. It
appears to work fine but I have never seen a sample that
demonstrates both in the same web.config (all the samples show a
snippet outside the context of the entire web.config) I don't like
assuming i've done this correctly and securely.
Please take a look at the following from my web.config and let me
know what you think(what's below is stripped down to
the essentials w/ no attributes) Pretty basic, i just use a
location element for each sub-dir and then set the auth mode inside
of it.
Thanks - C
<?xml version="1.0" encoding="UTF-8" ?>
<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
</system.web>
<location path="SecureArea1">
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="SecureArea2">
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
------------------------ Yahoo! Groups Sponsor ---------------------~-->
Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
http://www.c1tracking.com/l.asp?cid=5511
http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/saFolB/TM
---------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/AspNetAnyQuestionIsOk/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
