Reputation: 7744
How to specify root (/) location in web.config?
How does one specify root location in web.config to allow unauthenticated users access it?
The root location is served by default.aspx, but users normally don't see default.aspx, they just see http://mysite.com/.
So I've added
<location path="~/default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Which works if user hits mysite.com/default.aspx, but if user hits mysite.com/ - he is still redirected to login page.
I've tried <location path="~"> (does not help) and also <location path="~/">, <location path=""> (site fails completely) and could not make it work.
Any ideas?
Upvotes: 59
Views: 91104
Answers (10)
Reputation: 11
Merk was right!
I used
<location path="">
<system.webServer>
<httpRedirect enabled="true" destination="http://www.newpathdestination.com" exactDestination="true" httpResponseStatus="Permanent" />
</system.webServer>
</location>
on Windows netserver (don't ask), making sure to put nothing in between the quotes for location path. Redirects a request for the old home page to the new home page.
Upvotes: 0
Reputation: 681
Use this :
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="~">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
It works for me.
Upvotes: 0
Reputation: 778
only use
<location path=".">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
or don't write path,because the default path is root(.)
Upvotes: 9
Reputation: 840
Try this one:
<system.web>
<urlMappings enabled="true">
<add url="~/" mappedUrl="~/default.aspx" />
</urlMappings>
<authorization>
<allow roles="admin"/>
<deny users="*" />
</authorization>
</system.web>
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
Upvotes: 48
Reputation: 21
To specify root directory you have to set it outside the location block.
<configuration>
<system.web>
<authorization>
<allow users=“*“/>
</authorization>
</system.web>
</configuration>
and then secure your other folder using location block
<location path=“AccessDenied.aspx“>
<system.web>
<authorization>
<deny users=“?“/>
</authorization>
</system.web>
</location>
Upvotes: 0
Reputation: 795
You probably use a forms authentification no?
<authentication mode="Forms">
<forms loginUrl="~/Default.aspx" />
</authentication>
This will solve your problem. An alternative is:
<location path="~/Default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Upvotes: 2
Reputation: 1897
The way we done it in the past was to create a folder for all functionality that requires login and set require auth for that folder. All aspx go to that folder. The root of the site stays open.
Upvotes: 2
Reputation: 119
You can achieve by 2 method
Method 1:
You can set redirect path to http://mysite.com/default.aspx in IIS if any user directly comes to your site.in IIS7 you can do that by clicking on Default Document. Here i attached image for your reference
Method 2
You can go through this URL ASp.NET Membership to set your web config settings.
Let me know if you need more detail on this.
Upvotes: 2
Reputation: 1741
If you want to specify the root of the directory, use <location path="" >
Upvotes: -4
Reputation: 35587
If you only want to let unauthenticated users to access default.aspx you can use
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
before <system.web> and set that page as default in your web server.
In Visual Studio you can select the page and "Set As Start Page".
If you want to allow access to all the files in the root you have to create folders where you put your pages which need to be accessed by authenticated users.
You can create a Secure folder where you can put all your protected pages and change your web.config this way:
<location path="Secure">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
removing
<authorization>
<deny users="?"/>
</authorization>
Upvotes: 1
Related Questions
- web.config in folder allowing all or no user authentication
- loginUrl in web.config
- How do I make web.config apply to the root folder only?
- How to set the root path for asp.net application
- Set default directory in Asp.net
- Configuring subdirectory authentication mode in applications hosted under root site
- web.config location path permission issue
- Authorization settings for a folder in ASP.NET
- ASP.NET inner directory virtual path root
- Changing ASP.net application root?