How best implement ASP.NET Forms Authentication?

[Ronald S. Cook]

In my ASP.NET app, I have a few pages that I want to be public (i.e.
accessible by everyone) and the rest private (user has to be signed in). In
the examples I've seen, the public files have been in the root folder with
it's own Web.config file and the private ones in a subfolder with a separate
Web.config file.

Must I necessarily use a subfolder to separate private from public files?
Could I maybe have them all in the same root folder but then perhaps list
the public pages somehow in the Web.config file? I'm just looking for the
best, most standard way to do this.

Thanks,
Ron

 

[JKJ]

No, you don't have to. Just use a location element within
your web.config. Go here for an example:

http://www.wilsondotnet.com/Code/?path=\&file=Web.config

 

[Ronald S. Cook]

Thanks.. that works great. But, would I have to create a locatio section
for every public page or is there a more abbreviated way to do it?

<location path="About.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="Help.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

Thanks,
Ron