asp.net.ph
Home  
Getting Started  
Skip Navigation Links
Web Forms  
Skip Navigation Links
Data Access  
Skip Navigation Links
Web Apps  
Skip Navigation Links
Web Basics  
Skip Navigation Links
Show Me   Search
Friday, January 10, 2025 

Skip Navigation Links

Application Root Directory Configuration File ( Web.config )

Designing Secure ASP.NET Applications   Forms Authentication Using an XML Users File

The Web.config configuration file in the application root directory ( the directory in which Default.aspx resides ) should be set up to have the following entries.

<configuration>
   <system.web>

To set up the Web.config configuration file

  1. Set the authentication mode to Forms. Other possible values are Windows, Passport, and None ( empty string ). For this example, it must be Forms. 
          <authentication mode = "Forms" >
  2. Set the form’s authentication attributes. 
             <forms
    1. Set the loginurl attribute to login.aspx. Login.aspx is the URL to use for redirection if ASP.NET does not find a form with the request. 
            loginUrl = "login.aspx"
    2. Set the form’s name suffix. 
            name = ".ASPXCOOKIEAUTH2" />
  3. Deny unauthenticated users access to this directory. 
          </authentication>
      <authorization>
         <deny users = "?" /> 
      </authorization>
   </system.web>
</configuration>
See Also

The Forms Authentication Provider




Home
Suggested Reading

© 2025 Reynald Nuñez and asp.net.ph. All rights reserved.

If you have any question, comment or suggestion
about this site, please send us a note