Home/ Questions/Q 7609269
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T01:08:00+00:00

Basically I am trying to configure Access to a specific Folder on my shared

  • 0

Basically I am trying to configure Access to a specific Folder on my shared hosting and I used this as guide: http://support.microsoft.com/kb/316871

This part of my web.config:

<system.web>
  <authorization>
    <deny users="?"/>

  </authorization>
  <authentication mode="Forms">

    <forms name="Authlogin" loginUrl="logon.aspx" protection="All" timeout="60" path="." />

  </authentication>

So if users is unauthorized then he would be redirected to logon.aspx.
This solution works well on visual studio testing server and user get redirected to logon.aspx,but it doesn’t work at all on my shared hosting ( godaddy ).It seems like rules just ignored.
Any ideas how to make it work…or why it doesn’t work on hosting?

EDIT
I have notice what if I request any any of asp pages(ashx,apsx,asmx) then i would be redirected to logon.apsx.But if i would request for any file (html,txt,jpg and ect) then forms authentication would be ignored.
Same thing happens on local IIS 7.5

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I found the problem and solution.The problem what IIS and ASP.NET controlling only asp.net pages.So to enable IIS to look after all files I made this changes in web.config
    First I added this in system.webserver

    <modules>
      <remove name="FormsAuthenticationModule" />
      <add name="FormsAuthenticationModule"    type="System.Web.Security.FormsAuthenticationModule" />
      <remove name="UrlAuthorization" />
      <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
      <remove name="DefaultAuthentication" />
      <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
</modules>

    This will enable IIS to work with ASP.NET form authentication(It’s how i understand it=)))
    When I added this in same system.webServer

    <security>
      <authorization>
        <remove users="*" roles="" verbs="" />
        <add accessType="Deny" users="?"/>
        <add accessType="Allow" users="*"/>
      </authorization>

    I hope my solution would help to any one with same problem

    • 0