deny anonymous for all pages except the "~/" path in asp.net

in asp.net, i use this config section to deny anonymous users for all pages.

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
<authorization>
  <deny users="?" />
</authorization>

and i use the following to declare an exception that anonymous can access.

<location path="Welcome.aspx">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>
</location>

that works fine for me.

however, how can i set only the default page as an exception? (such as: anonymous can access only http://mysite/, but can NOT access any other pages in the site?)

i'v tried use location path="~/" 开发者_StackOverflow社区or "/" and it doesn't work.

If path="Default.aspx" doesn't work then it cannot be done using configuration. There's no syntax available to specify only the application root in the path attribute.

I think you can change your folder structre to achieve this. Then you can change the web.config to deny user

<configuration>
    <system.web>
        <authorization>
            <allow roles="administrators" />
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>