I was wondering if it is possible to use two different formsauthentification logins with the following directory structure:
/default.aspx
/login.aspx
/web.config
/subdirectory/sublogin.aspx
/subdirectory/subdefault.aspx
/subdirectory/web.config
The web.config in the root contains the following settings:
<authentication mode="Forms">
<forms protection="All" slidingExpiration="true" loginUrl="~/login.aspx" path="/"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
What I want to achieve is, that all directories except ‘subdirectory’ are protected by the login.aspx in the root. ‘subdirectory’ has its own login.aspx (sublogin.aspx)
How would the correct content of the web.config in subdirectory look like?
The
<authentication>web.config section can only be defined in machine.config or in the application’s root web.config. It cannot be specified in sub-folders of your application.What you can do, however, is create another ASP.NET application that happens to exist within the other application. Then each one can have its own authentication settings. In this case they will be separate applications, though, which might cause other problems.