Configuration of ASP. NET 2.0 authentication items

In ASP. in net2.0, if the root directory allows anonymous users to access a page under the root directory (such as info. aspx) must be logged on (assuming the logon page is login. the web. the config file must be configured as follows:

<? XML version = "1.0"?>

<Configuration>
<Deleetask>
</Appsettings>
<Connectionstrings>
</Connectionstrings>

<System. Web>
<Compilation DEBUG = "true"/>

<! -- <Authentication mode = "Windows"/> -->
<Authentication mode = "forms">
<Forms loginurl = "login. aspx" Protection = "all" Path = "/" timeout = "30"/>
</Authentication>

<Authorization>

<! -- Anonymous allowed -->
<Allow users = "? "/>

</Authorization>

</System. Web>

<Location Path = "info. aspx">
<System. Web>

<! -- Authentication item configuration (when authentication information is specified for a separate page, the authentication section can only inherit from this directory, and cannot be set separately) -->
<! --
<Authentication mode = "forms">
<Forms name = ".www.cnpp.info" loginurl = "login. aspx" Protection = "all" Path = "/" timeout = "30"/>
</Authentication>
-->

<! -- User access control -->
<Authorization>

<! -- Block Anonymous -->
<Deny users = "? "/>

</Authorization>
</System. Web>
</Location>

</Configuration>

 

That is, the authentication item cannot be configured in the configuration section of the page to be authenticated. The authentication item can only be configured in the root directory, info. aspx inherits from the root directory. otherwise, the following error occurs: "The Section registered as allowdefinition = 'machinetoapplication' outside the application level is incorrect. This error may occur if the virtual directory is not configured as an application in IIS"

Finally, it is verified that the <authentication> <form section can only appear at the root site or application site.