Troubled authentication in subdirectories

Hi there,
I want to have an unrestricted root directory and some protected
subdirectories on my ASP.NET 2.0 application. I want each subdirectory to
have its own Login.aspx page.
The following article is a good start, but it uses a single Login.aspx
located in the root directory to protect a subdirectory:
[url]http://www.theserverside.net/tt/articles/showarticle.tss?id=FormAuthentication[/ur
l]
The technique described in the article uses a "location" section in
web.config, where a custom "system.web" section is defined for the protected
subdirectory.
Now if I put the "authentication mode" section inside this custom
"system.web" for the subdirectory (so I can define the subdirectory Login
page), I get a compiler error on the "authentication" section:
Error 1 It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS. D:\WebSites\RegencyWeb\web.config 42
If I put the "authentication" section in the root "system.web" (outside of
the location's "system.web") then the application compiles fine, but I'm
limited to a single Login.aspx for the application.
So how can I solve this?
Thanks for any insight,
-BentonYou can only have one authentication section in a web application. You don't
solve this, it's by design. The only thing you can do is alter the login
page based upon where the user is coming from, ie: which subdirectory. The
only other way is to make the subdirectories their own independent
application spaces. Of course, you can specify whatever authorization
limitations you want in the specific subdirectories, that doesn't matter,
just keeping in mind there can only be one authentication section and one
logon page.
Hope this helps,
Mark Fitzpatrick
Former Microsoft FrontPage MVP 199...2006
"Benton" <conversar@.gmail.com> wrote in message
news:56jam8F27vd09U1@.mid.individual.net...
> Hi there,
> I want to have an unrestricted root directory and some protected
> subdirectories on my ASP.NET 2.0 application. I want each subdirectory to
> have its own Login.aspx page.
> The following article is a good start, but it uses a single Login.aspx
> located in the root directory to protect a subdirectory:
> [url]http://www.theserverside.net/tt/articles/showarticle.tss?id=FormAuthentication[/
url]
> The technique described in the article uses a "location" section in
> web.config, where a custom "system.web" section is defined for the
> protected subdirectory.
> Now if I put the "authentication mode" section inside this custom
> "system.web" for the subdirectory (so I can define the subdirectory Login
> page), I get a compiler error on the "authentication" section:
> Error 1 It is an error to use a section registered as
> allowDefinition='MachineToApplication' beyond application level. This
> error can be caused by a virtual directory not being configured as an
> application in IIS. D:\WebSites\RegencyWeb\web.config 42
> If I put the "authentication" section in the root "system.web" (outside of
> the location's "system.web") then the application compiles fine, but I'm
> limited to a single Login.aspx for the application.
> So how can I solve this?
> Thanks for any insight,
> -Benton