Problem with Authentication

Question

My web config, which is a config file in a folder (a config file additional to the main config file in the virtual directory):

> <?xml version="1.0"?>
<configuration>
    <system.web>
      <authentication mode="Forms">
        <forms name=".MyCookie" loginUrl="~/Registration.aspx"   protection="All" timeout="43200" path="/">
          <credentials passwordFormat="MD5">
            <user name="user" password="ca064d0730abfeb09e383a0e82e65f73"/>
          </credentials>
        </forms>
      </authentication>

      <authorization>
        <deny users="?"/>
        <allow roles="Moderator"/>
        <deny users="*"/>
      </authorization>



    </system.web>
</configuration>

The error that I get:

Error 3 It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. 5

I am trying to redirect any anonymous users from the administrator and moderator directories.. so I want any anonymous user or users with no role to be redirected to register.aspx..but i dont get it to work because I get that error and I dont know why!! :(

Answer 1

You should define your sub directory as location in your web.config.

Check location element. Also check this scenario.

This article explains how to organize your web.configs and location elements.

This is because the section is only supported in IIS application directories, which doesn't include subdirectories of an IIS application.

Answer 2

the authentication tag is not permited on subdirectories web.config, unless you define this subdirectory as a full asp.net application, means a diferent aplication than the root - I not suggest it.

so remove this, and keep it to the root web.config only.

<authentication mode="Forms">... </authentication>