tags:

views:

42

answers:

2
Q: 

ASP.NET auth, exclude root & allow anonymous

Hi All,

We have a weird issue found during setting up a new Windows 2003 Server with IIS6.0 & ASP.NET 2.0, our site is built using ASP.NET forms authentication with general authorization to deny access to all users & allow explicitly to static, home pages etc, -- web.config setting for forms auth looking as below:

     <authentication mode="Forms">
        <forms name="appNameAuth" path="/" loginUrl="~/Pages/Users/Login.aspx" protection="All" timeout="60" defaultUrl="~/Pages/Inner.aspx">
        </forms>
    </authentication>
    <authorization>
        <deny users="?"/>
    </authorization>

Issue is this:

If we access the site as localhost/default.aspx works fine & can view the home page of our website, but if we access using localhost/ - expect to view the default.aspx (as it's set as default document), but for some reason ASP.NET Forms Authentication thinks "/" is a protected page or content & redirects me to login page.

I couldn't find anyway to inform "/" as allow = *, in web.config... thought it might be linked with some NTFS & IIS permission issue with folders, could not get much update about..

Any help to resolve this, would be appreciated.

Thanks

Bhaskara

A: 

Were you able to resolve this? I've spent a day and a half trying to figure out this issue. Please let me know if you have found a resolution.

SpartanSoft  2010-09-29 19:06:31
Bhaskara  2010-09-30 14:25:12
A: 

Over the weekend, above stated problem re-surfaced on our servers... while doing some other configuration changes & eventually found the root cause of issue (and not the simple "re-create" website suggested earlier).

Here is the issue & solution:

  1. We have our main website as simple ASP.NET based & NOT MVC app.

  2. Website contains 1 virtual directory, build on MVC framework & as per the guidelines to enable MVC (http://haacked.com/archive/2008/11/26/asp.net-mvc-on-iis-6-walkthrough.aspx) - we were supposed to setup the .mvc pattern & subsequent wildcard mapping for extension less URLs

  3. Mistake we did was, instead of setting up MVC properties at the virtual directory, it was setup at root level... main website was set for forms-auth & wildcard mapping ended up triggering asp.net forms auth

  4. Issue was resolved, when removed wildcard mapping at root & only setup on the virtual directory (that was not set with asp.net auth & allowed anonymous access to all pages)

Thanks Bhaskara

Bhaskara  2010-10-04 11:01:49

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps