.NET: Setup Authentication in Web.config

1/6/2015 4:37:28 PM

The following web.config will deny all unauthenticated users but allow access to site resources and site assets like images and css.

<?xml version="1.0" encoding="utf-8"?>

<configuration>

  <system.web>
    
    <authentication mode="Forms">      
	    <forms loginUrl="~/login/" timeout="2880" name="mysitename" />
    </authentication>

    <authorization>
      <deny users="?" />
    </authorization>       
  
  </system.web>
  
  <location path="SiteResources">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <location path="Login">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  
</configuration>