Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Allow access for unathenticated users to specific page using ASP.Net Forms Authentication

I am using ASP.Net Forms Authentication. My Web.config looks like this.

    <authentication mode="Forms">
      <forms loginUrl="login.aspx"/>
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

So currently every aspx page requires authentication.

I want to allow access to even unauthenticated users to a specific page named special.aspx. How can I do this?

like image 953
etoisarobot Avatar asked Sep 02 '10 15:09

etoisarobot


4 Answers

Take a look at the example on MS Support

<configuration>
    <system.web>
        <authentication mode="Forms" >
            <forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
            </forms>
        </authentication>
<!-- This section denies access to all files in this 
application except for those that you have not explicitly 
specified by using another setting. -->
        <authorization>
            <deny users="?" /> 
        </authorization>
    </system.web>
<!-- This section gives the unauthenticated 
user access to the ThePageThatUnauthenticatedUsersCanVisit.aspx 
page only. It is located in the same folder 
as this configuration file. -->
        <location path="ThePageThatUnauthenticatedUsersCanVisit.aspx">
        <system.web>
        <authorization>
            <allow users ="*" />
        </authorization>
        </system.web>
        </location>
<!-- This section gives the unauthenticated 
user access to all of the files that are stored 
in the TheDirectoryThatUnauthenticatedUsersCanVisit folder.  -->
        <location path="TheDirectoryThatUnauthenticatedUsersCanVisit">
        <system.web>
        <authorization>
            <allow users ="*" />
        </authorization>
        </system.web>
        </location>
</configuration>
like image 118
Chase Florell Avatar answered Oct 19 '22 07:10

Chase Florell


Put the following in your web.config:

  <location path="special.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
like image 38
patmortech Avatar answered Oct 19 '22 08:10

patmortech


<location path="register.aspx"> //path here is path to your register.aspx page 
<system.web>

<authorization>
<allow users="*"/> // this will allow access to everyone to register.aspx
</authorization>

</system.web>
</location>

For more detail follow the below link

http://weblogs.asp.net/gurusarkar/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config

like image 2
Rae Lee Avatar answered Oct 19 '22 07:10

Rae Lee


Allow everyone to access a particular page

Sometimes you want to allow public access to some page and want to restrict access to rest of the site only to logged / authenticated users .i.e. do not allow anonymous access. Say your special.aspx is in your site's root folder. In the web.config of your website's root folder you need to have following setup.

 <configuration>
    <system.web>

    <authentication mode="Forms"/>

       <authorization> <deny users="?"/>  //this will restrict anonymous user access
       </authorization>

   </system.web>
   <location path="special.aspx"> //path here is path to your special.aspx page 
   <system.web>
   <authorization>
    <allow users="*"/> // this will allow access to everyone to special.aspx

 </authorization>
 </system.web>
 </location>
 </configuration>
like image 1
lipika chakraborty Avatar answered Oct 19 '22 07:10

lipika chakraborty