Article:		ASP.NET Forms Authentication - Part 1
Subject:		can not login in unsecured zone
Date:		2003-06-05 11:02:34
From:		anonymous2
This article assumes the login page is in the secured portion of the website. What if there is an unsecured portion (main directory) and a secured portion (subdirectory)? I want the user to be able to input credentials in the login page contained in the public area. If authenticated from the database, the user is redirected to the private home page in the secured directory.

Showing messages 1 through 1 of 1.

• can not login in unsecured zone
  2006-02-19 03:30:44  Wiggy [Reply | View]
  
  
  I had this same question, and I've now found the answer. In web.Config at the moment you will have something like:-
  
  <system.web>
  <authentication mode="Forms" >
  <forms
  name="MyApp"
  path="/"
  loginUrl="Logon.aspx"
  protection="All"
  timeout="20">
  </forms>
  </authentication>
  </system.web>
  
  You will need to add after the </system.web> something like this:-
  
  <location path="Public">
  <system.web>
  <authorization>
  <allow users="*"/>
  </authorization>
  </system.web>
  </location>
  
  This will allow anyone (authorised or not authorised) to access the pages in the "Public" directory.