Forms Authentication - how to exclude certain files

[Peter]

I have a site which uses forms authentication but I would
like to exclude certain pages on the site from
authentication. In other words I would like the user to be
able to get to these pages without having to Log In.
How do I change my web.config file to exclude certain
files.

<authentication mode = "Forms">
<forms name = ".ASPX" loginURL="Authenticate.aspx"
protection = "All" path="/" />
</authentication>

Thanks.

 

[Chris Jackson]

You can put a different web.config in each folder, and the settings on the
child folder will override those on the parent. Just create a directory of
pages that don't need to be secured, and change the web.config on this
directory to allow non-authenticated users to access it.

 

[Steve C. Orr, MCSD]

You can specify which files and folders to allow to which users in your
web.config file by using the <location> tag.

Here is an example link with sample code that you can download and play
with.
http://www.dotnetbips.com/displayarticle.aspx?id=117