How to Configure Forms Authentication for a Folder of my Web Application?

2
votes

I have an asp.net application with a web.config file in the root and uses Windows authentication by default.

I have an Admin folder that should have Forms authentication. for this, I have added a new web.config file in the Admin folder as below:

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authentication mode="Forms" >      
      <forms loginUrl="~/Admin/Login.aspx" name=".ASPXFORMSAUTH" >
      </forms>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>   
  </system.web>
</configuration>

Now when I run a page inside the Admin folder, it gives me the below error:

Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level.  This error can be caused by a virtual directory not being configured as an application in IIS.

How to Configure Forms Authentication for the pages inside the Admin folder only and leaving other pages for the Windows authentication which is the default?

thanks

1
c#asp.netwindowsauthenticationforms-authentication
are you sure admin is an application and not a virtual folder?Adrian Iftode
you mean about IIS settings? Admin is not an application nor is a virtual folder. It's just a normal folder inside the root application.The Light

1 Answers

0
votes

I think this you will need to do something like

In your Admin folder web.config 

  <location path="Register.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

  <system.web>
    <authorization>
      <deny users="?"/>
    </authorization>
  </system.web>

</configuration>

In your root web.config

<system.web>
<authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
</system.web>

Anyway this might help you Control Authorization Permissions in an ASP.NET Application