I have two folders in my asp.net website namely VENDORS and ADMIN
i want when any user access any of the page inside the ADMIN folder it redirects to Admin/login.aspx until they login ....
i want when any user access any of the page inside the VENDORS folder it redirects to Vendors/login.aspx until they login ....
How to do that using web.config authorization ....
You need to have web.config files inside the admin and vendors folder separately. Inside these web.config files you would declare your <formsauthentication> elements independently. The global web.config should contain no <formsauthentication> element.
Edit:
I will provide a xml snippet below, but implementing FormsAuthentication is not a task I would recommend for someone who is a beginner. First you should read and understand the process involved in implementing at least a basic FormsAuthentication model. That being said, this would be the relevant web.config entry under the <system.web> section:
<authentication mode="Forms">
<forms loginUrl="~/vendors/login.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
requireSSL="false"
slidingExpiration="false"
defaultUrl="~/vendors/default.aspx"
cookieless="UseDeviceProfile"/>
</authentication>
Unless the vendor and admin site are completely unrelated, I would recommend having a single authentication architecture. Have a login page at the root level, then use <location> elements to define role authorization (or separate web.config files in each subfolder). Is it absolutely necessary that administrators login to /admin/login.aspx and vendors login to /vendors/login.aspx?
