multiple login page for forms authentication

Hi,

I wonder if it is possible to have multiple login page for different folder within the web application. Assuming there are administrator login page and normal user login page. I understand that we can make use of the role to differentiate them, but given the condition that administrator and user should see different login screen. An example will be a login.aspx in admin folder and login.aspx at the top level.

Does anyone has any idea how to do it ? Is this the limitation on forms authentication to only allow one login page in the entire asp.net ?

Thanks,

Re: multiple login page for forms authentication

I have done this concept using single login form..

check out htis url:

http://www.codeproject.com/KB/web-security/FormAuthenticnAuthorizn.aspx

http://www.codeproject.com/KB/web-security/formsroleauth.aspx

i have not tried ur concept yet..surely can be done..

Re: multiple login page for forms authentication

I think everyone tried single login form before. Apparently this seems to be the limitation in the asp.net forms authentication. Unless we do not use the formsAuthentication class

Re: multiple login page for forms authentication

Please explain abit better

Re: multiple login page for forms authentication

Hi,

Did you try putting two web.config files in two different folders with two different forms authentication settings..

Re: multiple login page for forms authentication

Hi savagerider,

Basically, you could only set one Login page in ASP.NET. However, if you want to display different Login pages to different users, you could achieve it indirectly. Since we don't know the role before the user login, we can take advantage of the request URL. For example, if the user request "http:\\www.xx.com\Admin\Info.aspx", you could display the Login page in Admin directory. Here're the steps:

1. Use a general Login page in the root of the web site - actually, you can put nothing in this Login page, it's just a middle page. In the Page_Load event, you have to parse the requested URL. Based on the requested URL, you can know which Login page should be redirected to. For instance:

protected void Page_Load(object sender, EventArgs e)
{
     char[] chs = {'/'};
     string[] strs = Request["ReturnUrl"].Split(chs);


     if (strs[1] == "Admin")
     {
          Response.Redirect(@"\Admin\Login.aspx");
     }
     else if(strs[1] == "Users")
     {
          Response.Redirect(@"\Users\Login.aspx");
     }
}

2. In order to redirect to the two Login pages, you should set Location in the two subdirectories to allow anonymous access. For instance:

<configuration>

  <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>
  
</configuration>

Thanks.

Re: multiple login page for forms authentication

Hi WenCui,

This is EXACTLY what I'm looking for. Many thanks for your helps !!!!!

Re: multiple login page for forms authentication

Hi, After a few tries, i realize that the method will not work if form authentication is used. Apparently, we need to use the login Page as the middle that you mentioned above. In this case, if you tried to access page that is under Admin folder, it should redirect to Admin\login.aspx, but at this stage because the page is not authenticated yet, then it will redirect to login page (the middle) page again. It will end up in a dead-lock situation. Pls advise on the implementation that you mentioned. Thanks,

Re: multiple login page for forms authentication

make sure to allow access to anonymous users to both of your Login.aspx pages