O'Reilly logo

Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB by Stefan Schackow, Bilal Haidar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

6.6. Configuring Forms Authentication Inside IIS 7.0

The <forms /> configuration section is usually edited inside the application's web.config. If you want to change the default predefined values, you configure a <forms /> section by specifying the name, path, login page, cookieless mode, authentication cookie time-out, sliding expiration, whether forms authentication requires SSL, and whether the authentication cookie is enabled for cross-application redirects. Although the application's web.config configuration file provides a very good IntelliSense to manipulate the different configuration sections, IIS 7.0, among the many new integration features with ASP.NET, provides a graphical user interface to edit the application's <forms /> authentication configuration section and some other configuration sections, too (SessionState is an example). To edit the <forms> authentication section, right-click on the FormsAuthenticationModule inside the Authentication applet window. Figure 6-4 shows the IIS 7.0 Windows Form used to edit the <forms /> section for an application.

As you can see, the entire <forms /> authentication configuration section is now editable through the IIS 7.0 Manager tool.

Figure 6-4. Figure 6-4

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required