Security + Authentication

[mike55]

Hi all

Have set the <authentication> mode of my web project to Forms mode and have specified that the user must go through the log in page to start with.

<authentication mode="Forms">
   <Forms loginUrl="Default.aspx protection="All" path="/" timeout="10">
   </Forms>
</authentication>

Now I created the setup files for my project and installed my project on the server, when I enter the address to go to the project from a remote machine, I am firstly asked to log into the server itself, and then log into the application.

My question is, how do I stop the request to login to the server from comming up, as I don't want to provide such sensitive data to users.

Mike55

 

[PlausiblyDamp]

Under IIS the virtual folder needs to allow anonymous access.

 

[mike55]

Thanks,

That solved the problem, as you can see from the code above I also specified that the user must log into the page "Default.aspx" when they start off. If they successfully log on then they are sent to the page "Admin.html". This page consists of 2 frames, which are named "menu" and "main". The "menu" frame is linked to an asp page with a third party menu on it, so that when you select one of the menu options the result is displayed in the "main" frame of "Admin.html".

Now the problem is that i you try to go to "Admin.html" without going through the log in, you get dragged back to the login page "Default.aspx", but this page is displayed in the "menu" frame and not as a completely new page. Any suggestions on how to get around this problem without removing the frames from "Admin.html"

Mike55