anonymous users page access

Anonymous users should not have the ability to access 3 out of 10 pages in my website.  If they do happen to find the page they need to get immediately booted out to the login screen.

What do I need to do in order to protect these three page from anonymous users and boot them to the login screen if they try to access them?
cdemott33Asked:
Who is Participating?
 
cdemott33Author Commented:
Actually in should be a "?" for the deny users rather than a "*", so the correct code is...
    <location allowOverride="false" path="specialPageOne.aspx">
        <system.web>
            <authorization>
                <allow users ="administrators" />
                <deny users="?"/>
            </authorization>
        </system.web>
    </location>

Open in new window

0
 
peterdunganCommented:
Put them in a different folder. In the same folder have a web.config file with the following content:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.web>
        <authorization>
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>
0
 
peterdunganCommented:
Put the web.config in the same folder as the pages you want to restrict access to I mean (reading back over it I'm not sure if I made that clear.)
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
cdemott33Author Commented:
My concern regarding moving admin pages to a specified folder is that some FUTURE pages will be visable by both admin and general users.  These types of pages would have features shut down and or appear based on their role.  In otherwords, admins may have a particular button appear for them that that a general user will not see?  

Is there any way to do this without having to group all admin pages in a specific folder and creating separate web.config files?
0
 
peterdunganCommented:
use a loginview in the page. You can set that to display different content depending on the role etc
0
 
cdemott33Author Commented:
I'm fimilar with the LoginView.  That's not what I was shooting for.  I just want to prevent anonymous users from access three specific pages.  Only administrators should have access to them.

After doing some digging around google I found a solution that worked.  You just add this into your web.config file?  What do you think?  Is this a good way to do it?
    <location allowOverride="false" path="specialPageOne.aspx">
        <system.web>
            <authorization>
                <allow users ="administrators" />
                <deny users="*"/>
            </authorization>
        </system.web>
    </location>

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.