security and web.config

[rotsey]

Hi,

I have an app that I want to have forms security using a database.

But I want to have some pages not included in that security.

So I created a subfolder off the app root and put the pages in there and used a web.config file with no security as such
<authentication mode="None">

</authentication>
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>

But I get an error when I try run the app.


Is this the right way to do it?????

rotsey

 

[link9]

No, the subfolder's web.config should look something like this:

<configuration>
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</configuration>

Each application can only have one type of authentication, so declaring it again in a sub folder yields the exception you're seeing.

-p

The answer to getting answered -- faq855-2992