Hi, I have a main login for my client facing website configured with ASP.NET membership.
I also have a secondary login for my admin backoffice called /admin with a login page
/admin/login.aspx
upon logging in it should direct to:
/admin/secure/
I've placed a web.config file in /admin/secure/ as follows
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow roles="admin" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
My problem is I want to use .net membership to redirect back to /admin/login.aspx if un autehnicated users try and access it rather than using the top level redirect (/login.aspx) which is used for my client facing login.
Is this possible?
My attempt so far has been to add the following into my root level web.config file:
<location path="admin">
<system.web>
<authentication mode="Forms">
<forms name="appTTESubAuth" path="~/admin/" loginUrl="~/admin/login.aspx" protection="All" timeout="120"/>
</authentication>
</system.web>
</location>
I get the following error:
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.
So i tried this:
<sectionGroup name="system.web" type="System.Web.Configuration.SystemWebSectionGroup, System.Web, Version=%ASSEMBLY_VERSION%, Culture=neutral, PublicKeyToken=%MICROSOFT_PUBLICKEY%">
<section name="authentication" type="System.Web.Configuration.AuthenticationSection, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="Everywhere" />
<!-- Other system.web sections -->
</sectionGroup>
which gives me
Section or group name 'system.web' is already defined. Updates to this may only occur at the configuration level where it is defined
Anyone managed to do this using .net membersip?
Thanks