How do I grant anonymous access to a url using FormsAuthentication?

Posted by Brian Bolton on Stack Overflow See other posts from Stack Overflow or by Brian Bolton
Published on 2009-08-30T16:09:18Z Indexed on 2010/05/15 23:10 UTC
Read the original article Hit count: 419

Filed under:

forms-authentication

For the most part, my webapp requires authentication to do anything. There are a few pages, namely the homepage, that I'd like people to be able to access without authenticating.

Specifically, I'd like to allow anonymous access to these urls:

/home 
/default.aspx

I'm using asp.net MVC and FormsAuthentication. Both urls point to the same view:

/home/index.aspx

Here is my current configuration in web.config.

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />      
</authentication>
<authorization>           
  <deny users="?" />      
</authorization>

Reading the documentation for the authorization tag, it says "Configures the authorization for a Web application, controlling client access to URL resources." It seems like I should be able to use the authorization tag to specify a url and allow access.

Something like:

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />      
</authentication>

<authorization>           
  <deny users="?" />      
</authorization>

<authorization url="/default.aspx">           
  <allow users="?" />      
</authorization>

<authorization url="/home">           
  <allow users="?" />      
</authorization>

Related posts about forms-authentication

Hitting a ADO.NET Data Services from WPF client, forms authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
Hey all! There are a number of questiosn on StackOverflow that ALMOST hit this topic head on, but they are either for other technologies, reference obsolets information or don;t supply an answer that I can suss out. So pardon the almost duplication :) I have a working ADO.NET Data Service, and a… >>> More
Single Sign On with Forms Authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to set up Single sign on for 2 websites that reside on the same domain e.g. http://mydomain (top level site that contains a forms-auth login page) http://mydomain/admin (seperately developed website residing in a Virtual Application within the parent website) Have read a few articles… >>> More
Forms authentication ignored in virtual application

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an admin site swet up as a virtual applcation inside of another website. I would like visitors to the sub directory (the virtual application) to be promtped for credentials using the same Forms autheentication set up on the main parent site Have tried all sorts of things but can't get it… >>> More
Create non-persistent cookie with FormsAuthenticationTicket

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello! I'm having trouble creating a non-persistent cookie using the FormsAuthenticationTicket. I want to store userdata in the ticket, so i can't use FormsAuthentication.SetAuthCookie() or FormsAuthentication.GetAuthCookie() methods. Because of this I need to create the FormsAuthenticationTicket… >>> More
Forms Authentication logs out very quickly , locally works fine !!!

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello to all, There's a problem that i am facing with my hosting company, I use a project that uses FormsAuthentication and the problem is that though it successfully logs in, it logs out VERY QUICKLY, and i don't know what could be the cause of that, so in my web.config file i added those lines: <authentication… >>> More

Developer IT