forms security

T

Troy

I'm trying to setup form security through the web.config file but users can
still get to the protected page by typing in the url. Here's my web.config
authentication settings. Any help is appreciated.

Thanks

<authentication mode="Forms">

<forms name="myapplication"

loginUrl="LoginPage.aspx"

protection="All"

timeout="60" >

</forms>

</authentication>
 
N

Nicholas Paldino [.NET/C# MVP]

Troy,

In the <authorization> tag, you want to place a <deny> element, where
the users attribute is "?", indicating that anonymous users should be
denied.

Hope this helps.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Session Timeout 7
How protect non aspx files using Forms Authentication? 5
Form authentication 2
Forms based authentication again 1
Web.config file protecting sub-folders only 1
Error while trying to run project [.Net 1.1] 4
Forms Authentication - how to read timeout? 1
forms authentication 1

Top