ASP.NET forms security and web.config

  • Thread starter Thread starter Harley
  • Start date Start date
H

Harley

i have an application that uses forms security to restrict access to a
specific folder. it´s done using a web.config file on the root folder with
this structure:

<configuration>
<system.web>
..
..
..
<authentication mode="Forms">
<forms name="InterMedia.PaymentsMerchantLogin"
path="/"
loginUrl="manager/login.aspx"
protection="All"
timeout="10">
</forms>
</authentication>
<identity impersonate = "true"/>
<authorization>
<allow users="*" />
</authorization>
..
..
..
</system.web>
<location path="manager">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
..
..
..
</configuration>

this redirects users to manager/login.aspx to all users trying to conect to
the /mananger folder.

now i need to secure another directory, but a different set of users and
using another login screen. if i use a different <location> section i get an
error.

what should i do?
 
Back
Top