I have a main login for my client facing website configured with ASP.NET membership.

I also have a secondary login for my admin backoffice called /admin
with a login page

/admin/login.aspx

upon logging in it should direct to:

/admin/secure/

I’ve placed a web.config file in /admin/secure/ as follows

<?xml version="1.0"?>
<configuration>
    <system.web>
        <authorization>
            <allow roles="admin" />
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>

My problem is I want to use .net membership to redirect back to /admin/login.aspx if un autehnicated users try and access it rather than using the top level redirect (/login.aspx) which is used for my client facing login.

Is this possible?

My attempt so far has been to add the following into my root level web.config file:

<location path="admin">
    <system.web>
        <authentication mode="Forms">
            <forms name="appTTESubAuth" path="~/admin/" loginUrl="~/admin/login.aspx" protection="All" timeout="120"/>
        </authentication>
    </system.web>
</location>

I get the following error:

It is an error to use a section
registered as
allowDefinition=’MachineToApplication’
beyond application level. This error
can be caused by a virtual directory
not being configured as an application
in IIS.

So i tried this:

<sectionGroup name="system.web" type="System.Web.Configuration.SystemWebSectionGroup, System.Web, Version=%ASSEMBLY_VERSION%, Culture=neutral, PublicKeyToken=%MICROSOFT_PUBLICKEY%">
            <section name="authentication" type="System.Web.Configuration.AuthenticationSection, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="Everywhere" />
            <!-- Other system.web sections -->
        </sectionGroup>

which gives me

Section or group name ‘system.web’ is
already defined. Updates to this may
only occur at the configuration level
where it is defined

Anyone managed to do this using .net membersip?

Thanks