M
MJ
I'm building an application that has a file structure similar to the
following:
/myapp/user_login.aspx
/myapp/user_page_1.aspx
/myapp/user_page_2.aspx
/myapp/user_page_3.aspx
/myapp/admin/admin_login.aspx
/myapp/admin/admin_page_1.aspx
/myapp/admin/admin_page_2.aspx
/myapp/admin/admin_page_3.aspx
....where "/myapp" is a virtual directory defined as an application in
IIS.
You probably get the idea - only logged-in users should have access to
the user pages under the application root, and only logged-in admins
should have access to the admin pages that are under the "admin"
subdir. Unauthenticated users/admins should be redirected to the
appropriate login form.
Using forms authentication, my web.config (located in application root
- "/myapp") currently looks like this:
<!-- begin web.config -->
<configuration>
<location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="AuthCookie" loginUrl="/myapp/user_login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="admin">
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="AdminAuthCookie"
loginUrl="/myapp/admin/admin_login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
<!-- end web.config -->
This works perfectly for the user pages... unauthenticated users are
redirected to "user_login.aspx", and after successfully logging-in
there they can access the rest of the user pages.
However, when an unauthenticated admin tries to access
"admin_page_1.aspx", instead of being redirected to the admin login
form, I get the following "Configuration Error":
<!-- begin error message -->
Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 15: <system.web>
Line 16: <customErrors mode="Off" />
Line 17: <authentication mode="Forms">
Line 18: <forms name="AdminAuthCookie"
loginUrl="/myapp/admin/admin_login.aspx" />
Line 19: </authentication>
<!-- end error message -->
(line 17 is highlighted)
This message says that maybe my virtual directory is not an
application from IIS' perspective, but I've double and triple checked
that it is. Since that does not seem to be the issue, what is causing
this error? Please help! Thanks!
-MJ
following:
/myapp/user_login.aspx
/myapp/user_page_1.aspx
/myapp/user_page_2.aspx
/myapp/user_page_3.aspx
/myapp/admin/admin_login.aspx
/myapp/admin/admin_page_1.aspx
/myapp/admin/admin_page_2.aspx
/myapp/admin/admin_page_3.aspx
....where "/myapp" is a virtual directory defined as an application in
IIS.
You probably get the idea - only logged-in users should have access to
the user pages under the application root, and only logged-in admins
should have access to the admin pages that are under the "admin"
subdir. Unauthenticated users/admins should be redirected to the
appropriate login form.
Using forms authentication, my web.config (located in application root
- "/myapp") currently looks like this:
<!-- begin web.config -->
<configuration>
<location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="AuthCookie" loginUrl="/myapp/user_login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="admin">
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="AdminAuthCookie"
loginUrl="/myapp/admin/admin_login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
<!-- end web.config -->
This works perfectly for the user pages... unauthenticated users are
redirected to "user_login.aspx", and after successfully logging-in
there they can access the rest of the user pages.
However, when an unauthenticated admin tries to access
"admin_page_1.aspx", instead of being redirected to the admin login
form, I get the following "Configuration Error":
<!-- begin error message -->
Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 15: <system.web>
Line 16: <customErrors mode="Off" />
Line 17: <authentication mode="Forms">
Line 18: <forms name="AdminAuthCookie"
loginUrl="/myapp/admin/admin_login.aspx" />
Line 19: </authentication>
<!-- end error message -->
(line 17 is highlighted)
This message says that maybe my virtual directory is not an
application from IIS' perspective, but I've double and triple checked
that it is. Since that does not seem to be the issue, what is causing
this error? Please help! Thanks!
-MJ