current community

your communities

more stack exchange communities

Stack Exchange
tour help
stack overflow careers
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 2 down vote favorite

I am working on an ASP.NET web forms application that is using Forms Authentication. The problem is, it ignores my route and redirects to the login.aspx page.

I have the following route setup:

routes.MapPageRoute("/locale", "{locale}", "~/shorturl/transfer.aspx", 
            false, 
            new RouteValueDictionary { { "locale", "[a-z]{2}" } });

If I use the following url: http://server/minneapolis it goes to the login page. If I add the following to the Web.Config, then it "works" and goes to the transfer.aspx page.

<location path="minneapolis"> 
    <system.web> 
      <authorization> 
        <allow users="*"/> 
      </authorization> 
    </system.web> 
 </location>

I don't want to have to add all of the locales to the web.config, seems to defeat the purpose.

I can also change the route to (notice I added "/loc/"):

    routes.MapPageRoute("/locale", "/loc/{locale}", "~/shorturl/transfer.aspx", 
            false, 
            new RouteValueDictionary { { "locale", "[a-z]{2}" } });

After that I can change the Web.Config location path to loc (location path="loc") and it works, but I'd really prefer to have it at the root. Is there any way to do this?

It's .NET v4 and I have to support IIS 7 and IIS 7.5

share|improve this question
    
Is your server/minneapolis path a secured one...I mean should the user be authenticated in order to get to server/minneapolis...? if possible can you post your page's code behind? –  NiK Apr 3 '12 at 20:27
    
I don't want it to be secure, but depending how it's configured it is or isn't. Which page do you want to see the code behind for? –  Dean Apr 4 '12 at 15:06

1 Answer 1

up vote 0 down vote accepted

I don't think there's a way to do it. Authorization is url based and the authorization module seems to check the source url rather than the destination url when it determines how to authorize the request.

Like 6 months just failed exactly the same way as you did in one of my projects. I ended up with the solution you propose - my routed requests were put in a "subfolder" and I created a local web.config with authorization allow users=*.

If there's a way around this, I would also like to hear how it should be done.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.