WIF entry point, federated authentication

Question

In an asp.net application, is it possible to have only a handful of pages (.aspx) to be WIF protected while leaving the other pages untouched?

Basically, what I want is when the user land on the HomePage.aspx, they can browse and be able to go to PageOption.aspx and PageAbout.aspx - however when they try to access the PageAccount.aspx I want the WIF settings kicked in. And if the user is logged in already, then great - otherwise we redirect the user to an STS page where they can get authenticated.

Right now, all of my pages are WIF protected. So if I try to access any of the pages I get redirected to the STS page.

I have tried modifying the web.config file and putting the pages I want WIF protected in a separate folder and give its separate web.config, but no luck so far.

Also, I am getting error if I try to set the <authentication mode.. in the nested web.config. Why can't I do that either?

The error I get is (on line 15):

Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

Source Error: Line 15:

Just to take it a step further to what I am trying to do is allow forms authentication on the PageOption.aspx and the PageAbout.aspx and when user tries to go directly to the PageAccount.aspx I want then to use federated authentication.

Any security gurus out there that can shed some light on this?