I have a website built with ASP.NET (3.5) and want add some level of security into it.
I am using the login controls to help with this. I have one issue though.
I have within my web.config the following.
<authorization>
<deny users="?"/>
</authorization>
This work fine when a user has not logged in before (ie. if they goto the default.aspx form then it redirects the user to the login.aspx form). But if it is a new user then I want to allow that user to enter new details using the CreateUserWizard on signup.aspx form. But for some reason it just jumps back to the login form.
Am I missing something? I thought these login controls would allow for this kind of senario?