You cannot override the <authentication>
node for particular subfolders. This simply is not supported. If you want to have a different login page for your area you could write a custom [Authorize]
attribute and then decorate all your controller actions in the Area with it. The idea is to override only the HandleUnauthorizedRequest method and redirect to the desired login page.
For example:
public class AdminAuthorizeAttribute : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
var routeValues = new RouteValueDictionary(new
{
controller = "login",
action = "login",
area = "admin"
});
filterContext.Result = new RedirectToRouteResult(routeValues);
}
}
And as far as your web.config is concerned, the <authentication>
node must be configured directly under the <system.web>
section and not inside a <location>
section.