Mixed Mode Authentication

Topics: Web Client Software Factory
Apr 4, 2007 at 8:26 PM
Has anyone tried to implement mixed mode authentication with WCSF? I am trying to create a module that contains some views that require Windows auth, others that use forms auth. I tried modifying the Web.Config of the module only to receive this error:
"Error 12 It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS."

Any ideas if this is possible?
Developer
Apr 23, 2007 at 3:03 PM
Hi Mike, you are getting that runtime-error because in your web.config located at the subdir you have:

<authentication mode="Forms">
  …
</authentication>
And this element can be declared only at the machine, site, or application level. Any attempt to declare it in a configuration file at the subdirectory or page level will result in a parser error

This means that within the same application, you can’t have one authentication method for one set of pages and a different one for another set of pages.

What you can put in your subdir web.config is for example:

<authorization>
    <deny users="?"/>
</authorization>
This code basically says that you have to be logged in to have access.

Also you can specify authorization at file level within a site or directory:
<location path="MyFile.aspx">
  <system.web>
    <authorization>
      <allow users="*"/>
   </authorization>
 </system.web>
</location>
Check this articles from MSDN:

BTW - If you want to achieve that scenario, you have to create a virtual directory for your module.

Let me know if this helps,
Ezequiel Jadib
http://staff.southworks.net/blogs/ejadib
Jul 6, 2007 at 5:17 PM
I tried this by creating virtual directories still getting the same error. Please help us with some example

Thanks
Subu