Allow access for unathenticated users to specific page using ASP.Net Forms Authentication

etoisarobot picture etoisarobot · Sep 2, 2010 · Viewed 68.8k times · Source

I am using ASP.Net Forms Authentication. My Web.config looks like this.

    <authentication mode="Forms">
      <forms loginUrl="login.aspx"/>
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

So currently every aspx page requires authentication.

I want to allow access to even unauthenticated users to a specific page named special.aspx. How can I do this?

Answer

Chase Florell picture Chase Florell · Sep 2, 2010

Take a look at the example on MS Support

<configuration>
    <system.web>
        <authentication mode="Forms" >
            <forms loginUrl="login.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
            </forms>
        </authentication>
<!-- This section denies access to all files in this 
application except for those that you have not explicitly 
specified by using another setting. -->
        <authorization>
            <deny users="?" /> 
        </authorization>
    </system.web>
<!-- This section gives the unauthenticated 
user access to the ThePageThatUnauthenticatedUsersCanVisit.aspx 
page only. It is located in the same folder 
as this configuration file. -->
        <location path="ThePageThatUnauthenticatedUsersCanVisit.aspx">
        <system.web>
        <authorization>
            <allow users ="*" />
        </authorization>
        </system.web>
        </location>
<!-- This section gives the unauthenticated 
user access to all of the files that are stored 
in the TheDirectoryThatUnauthenticatedUsersCanVisit folder.  -->
        <location path="TheDirectoryThatUnauthenticatedUsersCanVisit">
        <system.web>
        <authorization>
            <allow users ="*" />
        </authorization>
        </system.web>
        </location>
</configuration>