Forms Authentication

[Epissioro]

I have an application in "c:inetpubwwwrootds\" with a virtual directory of "ds".<BR><BR>In this directory I have a bunch of files including "accountlogin.aspx" and "web.config".<BR><BR>I have a subfolder named "secure", that when the user has authenticated want them to access the /ds/secure/index.aspx file. If they try and access that file (or any others under the secure dir) without logging in the will be directed to accountlogin.aspx.<BR><BR>What I don't understand is what to set the PATH attribute to? LoginURL is equal to "accountlogin.aspx". The web.config file should sit in the "ds" directory right? And my virtual directory should also point to this dir? Right now the entire site is being redirect to "accountlogin.aspx".<BR><BR>----------------------<BR>/ds/ (anonymous)<BR> accountlogin.aspx<BR> web.config<BR><BR>/ds/secure (authenticated users)<BR> index.aspx<BR> etc.<BR>----------------------<BR><BR>FROM WEB.CONFIG<BR><forms name="DSAuth" Path=???? loginUrl="accountlogin.aspx" protection="All" timeout="30"><BR><BR>FROM ACCOUNTLOGIN.ASPX<BR>Sub ProcessLogin(Sender As Object, E As EventArgs)<BR>If Page.IsValid Then<BR>If FormsAuthentication.Authenticate(Request.Form("Username"), Request.Form("Password")) Then<BR>FormsAuthentication.RedirectFromLoginPage(Request. Form("Username"), False)<BR>Response.Redirect("/ds/secure/index.aspx")<BR>Else<BR>lblMessage.Text = "<b>Incorrect Login!</b>"<BR>End If<BR>End If<BR>End Sub<BR><BR>Thanks!Configuration Error <BR>Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. <BR><BR>Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.<BR><BR>Source Error: <BR><BR><BR>Line 1: <configuration><BR>Line 2: <system.web><BR>Line 3: <authentication mode="Forms"><BR>Line 4: <forms name="DSAuth" loginUrl="accountlogin.aspx" protection="All" timeout="30"><BR>Line 5: <credentials passwordFormat="Clear"><BR> <BR><BR>Line 3 is highlighted.<BR><BR>Does the web.config file need to be in the directory you want to secure? I'm lost!<BR><BR>Thanks!