J
Jeremy
I have a web app that contains forms authentication to protect
subdirectory called "admin" by denying anonymous users. When I request
a protected resource in the admin directory I am presented with a
Windows logon dialog prompt instead of being redirected to the logon
page. In the web.config it is setup as follows:
<configuration>
<system.web>
....
<authentication mode="Forms">
<forms
name="myCookie"
protection="All"
path="/"
loginUrl="login.aspx"
timeout="10" >
</forms>
</authentication>
....
<system.web>
<location path="admin">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<configuration>
If I change the <deny users="?"/> to <allow users="?"/> the Windows
logon prompt goes away, but of course the resource us unprotected and
it does not redirect to the login.aspx page. Its behaving as though I
am using Windows authentication. Any ideas why is the Windows logon
prompt is being displayed rather than simply redirecting to the
login.aspx page?
subdirectory called "admin" by denying anonymous users. When I request
a protected resource in the admin directory I am presented with a
Windows logon dialog prompt instead of being redirected to the logon
page. In the web.config it is setup as follows:
<configuration>
<system.web>
....
<authentication mode="Forms">
<forms
name="myCookie"
protection="All"
path="/"
loginUrl="login.aspx"
timeout="10" >
</forms>
</authentication>
....
<system.web>
<location path="admin">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<configuration>
If I change the <deny users="?"/> to <allow users="?"/> the Windows
logon prompt goes away, but of course the resource us unprotected and
it does not redirect to the login.aspx page. Its behaving as though I
am using Windows authentication. Any ideas why is the Windows logon
prompt is being displayed rather than simply redirecting to the
login.aspx page?