Web.config file protecting sub-folders only

  • Thread starter Thread starter Maziar Aflatoun
  • Start date Start date
M

Maziar Aflatoun

Hi,

I'm trying to protect one of my subfolders from Web.config file in my root
folder. Here is my directory structure

/ // My shopping cart
/admin // Shopping cart admin which needs to be protected

Now in my Web.config how can I protect just the /admin folder (which is not
a virtual directory) it's simply a folder in my / folder?

I tried

<authentication mode="Forms">
<forms name="CartAdmin" loginUrl="admin/Login.aspx" timeout="30"
protection="All" path="/admin" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

but it doesn't work. Even when you try to access files in my / folder it
redirects you to my /admin/login.aspx file

Thank you
Maz
 
Thanks... I already got it to work using the following directives in my
Web.Config file

<authentication mode="Forms">
<forms loginUrl="admin/Login.aspx" protection="All" timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="admin" password="12345" />
</credentials>
</forms>
</authentication>

and in the Web.Config file of my sub-folders
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authorization>
<allow users="admin" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

Thanks
Maziar Aflatoun
 
Back
Top