• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 168
  • Last Modified:

Visual Studio - Exlcuding a page from redirecting to login

The following question was just answered:

Question: I have a web application created using Visual Studio 2008.  I want users to be denied access to the site if they are not logged in first.  I want the user trying to access a page without logging in to be redirected to the login page.

Now I need to know how to exclude a page from redirecting to the login page.  I have a page for password recovery that I would like the users to have access to if they have forgotten their password.
0
sproctor722
Asked:
sproctor722
  • 3
1 Solution
 
Snarf0001Commented:
in your web.config file, under the primary <configuration> node, add something like the following:

  <location path="myPath/PasswordRecovery.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
0
 
sproctor722Author Commented:
Adding this gives access to all pages.  I want to exclude the PasswordRecovery page and password protect the other pages.
0
 
Snarf0001Commented:
No, normallly the allowusers goes in the primary system.web section, as you did in the last question you mentioned.
Outside of the normal system.web, you can override that behavriou by adding <location> tags.
Generally these go at the bottom of the web.config, or after the system.web part.
When you add a new section in, you can override the behavior on a single page or an entire folder.
IN the example above, all pages will still be restricted, but the override would be applied to a page called PasswordRecovery.aspx, and that page alone.
0
 
Snarf0001Commented:
ie:

<configuration>
  <configSections />--all the data in there
  <system.web />--all the data in there, here is where your primary restriction is enforced
                           --with the forms authentication
  <system.codedom />--all the data in there
  <runtime />--all the data in there

<!--here you enter an override outside of the normal system.web for a specific page / folder -->  
<location path="myPath/PasswordRecovery.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>


</configuration>
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now