CODEWITHSUNDEEP
c#asp.net
user979331
user979331

Reputation: 11861

ASP.NET web.config Forms Authentication, deny anonymous users, allow anonymous access for single files

I am reading this tutorial here: http://blog.repsaj.nl/index.php/2007/08/mixing-forms-based-and-windows-authentication-in-aspnet/

this part is interesting:

  1. Create 3 files: Login.aspx, WebLogin.aspx, WinLogin.aspx. These will be the only 3 files which can be accessed without any credentials. You can allow anonymous access through your Web.config like this:

but the section under that is blank :(

So my question is, how do I allow anonymous access to my Login.aspx, WebLogin.aspx and WinLogin.aspx ?

Upvotes: 1

Views: 3492

Answers (2)

Rae Lee
Rae Lee

Reputation: 1391

   <configuration>
  <system.web>

    <authentication mode="Forms">
      <forms loginUrl="SignIn.aspx" defaultUrl="Welcome.aspx"  protection="All">
        <credentials passwordFormat="Clear">
          <user name="lee" password="lee12345"/>
          <user name="add" password="add12345"/>
        </credentials>
      </forms>
    </authentication>

    <authorization>
      <deny users="?" />      <!--his will restrict anonymous user access-->
    </authorization>

  </system.web>

  <location path="register.aspx">    <!--path here is path to your register.aspx page-->
    <system.web>
      <authorization>
        <allow users="*"/>       <!--this will allow access to everyone to register.aspx-->
      </authorization>
    </system.web>
  </location>

</configuration>

Upvotes: 0

gotmilk13531
gotmilk13531

Reputation: 234

Add this to your web.config. You will need this repeated for each page you want everyone to have access to (3 in your case).

    <location path="Login.aspx">
      <system.web>
        <authorization>
          <allow users="*" />
        </authorization>
      </system.web>
    </location>

Upvotes: 1

Related Questions