Redirects to login.aspx but not to default.aspx
Question
So I have set up my web.config to authenticate forms. I have the two pieces of code in my web.config but it is acting strange. When you go to www.mysite.com it redirects to the login.aspx page but when you go to www.mysite.com/default.aspx it does not redirect. why is it doing this? I also have the default doc set as default.aspx
<system.web>
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" timeout="2880" defaultUrl="account/default.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<location path="default.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
1 answers
solution1
1 2012-07-12 02:03:45
As clearly shown in the config file, you have allowed unauthenticated users to access "default.aspx" URL explicitly. There is no such thing for "/" URL. Note that it does not matter that they (might) end up pointing to the same physical file on disk eventually. Only the URL matters for authorization purposes. You can clone your <location> tag and simply have another one for path="/" that allows access to all users, regardless of their authentication status.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.