another question about security. I have a config.web file whose content is
<cookie cookie=".ASPXAUTH" loginurl="login.aspx"
<user name="testname" password="testpwd"/>
<deny users="?" />
<add key "connstring" value="connction string here" />
When I try to access any aspx file in the folder, I'm redireted to the login
page. Now, under the same folder I have an aspx file that I don't want to
required any login, because it only process an HTML form, it does anything
critical (DB administration) that required the authorization. Most of the
files in the folder are supposed for the admin, and so require a login, but
2 files are ASPX files for any user.
So, the question is: can I specifyy that those 2 files don't require a
login? I tought I could put the Admin files in a subfolder and put the
config.web file only in that subfolder, but the problem is that config.web
also contains some AppSettings value that must be accessibile from any file,
also those files that don't require login. So, if I put the files in a
different dire they won't be able to read the appsettings, and I don't want
to replicate the AppSettings values is possibile?
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL