I believe the solution to your problem would be, in your web.config file (in your root folder), to define multiple <location> elements, protecting one with forms auth, and the other (the root folder) not at all. I'm not sure how your first question addresses the issue you are having. Subfolders are not, by themselves, application roots, so any subfolder you create by default inherits the application of the parent folder. Only if you explicity set a subfolder as an application root is it not part of the parent folder's application. Cheers Ken On Mon, 1 Nov 2004 14:24:53 -0600, Casey Crookston <casey at thecrookstons.com> wrote: > How do you configure IIS to recognize sub-folders as part of the same > application as the parent folder? > > OR... > > I currently have a subfolder declared as it's own application because I want > to force a logon using forms authentication. After logging in, the user > will have access to a content management tool which will edit content found > in the parent folder. To insert the content to be edited into the form, I'm > using user controls. But IIS will not allow me to map to a .ascx file found > in another application. > > Thus the problem. Is there a better way around this then making the secure > subfolder part of the same application as the public folder? The main > folder is view-only public... no login required. The sub folder MUST be > secure, and must also have access to content from the main folder.