Login.aspx, passwordrecovery.aspx, and register.aspx should be the only pages accessible for logged in users. I have the following in my webconfig:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" defaultUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>
I have the following in my configuration element of my webconfig:
<location path="images">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="css">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="login.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="register.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="passwordrecovery.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
I get an Error: ASP.NET Ajax client-side framework failed to load. alert box when viewing any of the public pages. How do I allow access to the asp.net client-side framework (using the location tags?)?
I checked fiddler and added the following:
Ajax client side framework now loads – error message is gone. For those not using the Telerik controls – I’m sure you can use something similar to: