after surfing many sites looking for an answer to allowing more than 1 un-authenticated page to be viewed before a user logs in i came accross this which allows for URL authorisation. I've found it extremely useful for my problem. See following post:
Emergency-Form level authentication
2004-06-10 16:38:26 altanic [Reply | View]
look into the URLAuthorization stuff. I don't claim to have a solid handle on this but I've accomplished a working example on doing exactly what you guys ask for by setting each file/folder's authorization settings in the web.config file.
You would want to add an element such as:
<location path="PublicPage.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
for each item/folder you want to be freely available to everybody. Conversely, you could open your whole site to allow users="*" and then change the above to:
<location path="protected_directory">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
so as to protect this one directory. (or page if you like)
Thought it could be potentially usefull for others. More details of this post can be found at
http://www.ondotnet.com/pub/a/dotnet...rmsauthp1.html