Hi Casey, Basically what you need to do is to put all protected resources in the same sub directory and protect this sub directory. This way the site's root is not blocked. Bye, David. -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Casey Crookston Sent: Tuesday, October 12, 2004 5:28 PM To: thelist at lists.evolt.org Subject: [thelist] ASP.NET: Forms-Based Authentication (thank you Gary) Thanks, Gary, for pointing me to this article. It has helped tons. http://samples.gotdotnet.com/quickstart/aspplus/doc/formsauth.aspx Next question. The site I am working on does not need authentication on all pages, only three of the seven. When I implement this form of authentication, it protects the entire site. The default.aspx page, and 6 others, needs to be public. How can I indicate which pages need to be secured? Thanks, Casey -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !