I have an ASP.NET website with two different sections, root website and an /Admin sub-folder. I want to have two different forms authentication/login pages for them. /Admin folder should use/redirect /Admin/Login.aspx and root pages should use /Login.aspx. What should I do in web.config to accomplish this?
+2
A:
Have you looked at roles authentication?
You are building an Intranet expense report application for your organization, and want to enable role-based authentication and authorization capabilities within it. Specifically, you want to create logical roles called 'approvers', 'auditors', and 'administrators' for the application, and grant/deny end-users access to functionality within the application based on whether they are in these roles.
Something along the lines of here
Rippo
2010-10-25 08:01:45
A:
A couple options:
- Use the same authentication form. Then use roles to authorize access to admin
- Allow access to the login form by adding a location + authorize anonymous rule to the login's form path. Hook to events at the global.asax in order to redirect to the admin's login on unauthenticated/unauthorized access of /admin pages if that's desired.
eglasius
2010-10-25 14:49:08