Anonymous access to Theme with Security in web.config

Hi all

I have an asp.net 2.0 website with 2 themes, red and blue.
Everything works perfect, except for that I want anonymous users can see the default theme (blue).
A user who has logged in can go to the configuration page to choose his/her favorite theme.

Anonymous users don't have access to the default theme.

Here is an extract of my web.config
-----------------------------------------

    <authorization>
       <deny users="?" />
    </authorization>

    <authentication mode="Forms" />

    <anonymousIdentification enabled="true"/>

    <profile>
      <properties>
        <add name="MyTheme" defaultValue="Blue" allowAnonymous="true"/>
      </properties>
    </profile>

If I omit the deny users="?" it works perfectly but I want users (who are registered) be able to change colors, and anonymous users can only see one default theme, so that the site has a nice structure

Can anyone help me please?

Thx

Gerrie
gerrie_govaertsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gerrie_govaertsAuthor Commented:
Found the solution by myself.
Here comes it for those who are interested

Set the following in web.config

First I deny access to all anonymous users

      <authorization>
        <deny users="?"/>
      </authorization>

Then I allow identification for anonymous users

      <anonymousIdentification enabled="true"/>

A profile setting for your favourite theme (on user basis) with a default theme for every anonymous user

      <profile>
        <properties>
          <add name="MyTheme" defaultValue="Blue" allowAnonymous="true"/>
        </properties>
      </profile>

  A location that points to the special asp.net 2.0 directory where the themes are managed, set them to be accessible for the anonymous users

  <location path="App_Themes">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>


This does the job perfectly. Anonymous users can see the default theme (blue in this case) and if they are succesfully logged in they can change this profile setting on an aspx page.
0
EE_AutoDeleterCommented:
gerrie_govaerts,
Because you have presented a solution to your own problem which may be helpful to future searches, this question is now PAQed and your points have been refunded.

EE_AutoDeleter
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
richardhaegerCommented:
Hello Gerrie,

Just to let you know, I solved the same problem with less steps.

I did not use these:

<anonymousIdentification enabled="true"/>
allowAnonymous="true"

And now it works.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.