PortSight Secure Access Documentation

Authentication for selected area

 

Note: This section is relevant for Forms Authentication only. When using Windows authentication you should rather use NTFS permissions on your Web files to restrict access to them.

 

If you need to restrict access to a specific area of your application only (such as for the "Administration" section or for particular pages only), modify your Web.config file:

 

  1. Modify the /configuration/system.web/authorization section so that it contains the following text:

    <authorization>
            <allow users="*" />
    </authorization>								

    What you did:

    You have just replaced the "deny" section with "allow" mode for all users.

  2. Add following text in the /configuration section (please note that you place the text outside the "system.web" section):

    <location path="administration">
      <system.web>
       	<authorization>
            <deny users="?" />
    	</authorization>
      </system.web>
    </location>								

    What you did:

    Save the configuration file. Since now, all users can access the pages without being authenticated. However, only authenticated users can access the ASPX pages in the administration subfolder.


        Tip

    You can add any number of such sections into your Web.config file. You can even specify particular files instead of whole folders.