By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,665 Members | 1,950 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,665 IT Pros & Developers. It's quick & easy.

How to redirect

P: n/a
All,

I am using Form Authentication with Roles.
E.G. PageA.aspx is permitted for Role "Admin",
and PageB.aspx is permitted for Role "Basic".

When a user of "Basic" role try to access an "Admin" page directly,
Login From shown and he enters his username and password.
He is then AUTHENTICATED but stays on the Login form because
he is not permitted to view the "Admin" pages.

My question is: Is there a way to redirect the user to a "Not-permitted-page" ?

Thanks

John
Nov 18 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Hi John,

Can you add a section to the web.config to exempt the notpermitted.aspx page
from the authentication?

<location path="notpermitted.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

http://www.microsoft.com/resources/d...ionelement.asp
"Q. John Chen" <no******@wowway.com> wrote in message
news:84**************************@posting.google.c om...
All,

I am using Form Authentication with Roles.
E.G. PageA.aspx is permitted for Role "Admin",
and PageB.aspx is permitted for Role "Basic".

When a user of "Basic" role try to access an "Admin" page directly,
Login From shown and he enters his username and password.
He is then AUTHENTICATED but stays on the Login form because
he is not permitted to view the "Admin" pages.

My question is: Is there a way to redirect the user to a
"Not-permitted-page" ?

Thanks

John


Nov 18 '05 #2

P: n/a
Ken,

I don't think that I made my question clear. Here is details:

First, I have a login form. If a user failed to login. It will show
the error right in the login form and ask for re-enter the
identification:
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>

I have two page accessable to user in the roles, Admin and Basic in
this example:
<location path="PageA.aspx" >
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="PageB.aspx" >
<system.web>
<authorization>
<allow roles="Basic, Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>

Now, UserB (with 'Basic' role) logins first. Then he types PageA.aspx
in address bar trying to access PageA. He is redirect to the Login
page automatically. But what I wantd is to SHOW a kind of 401 error
page rather than go the the login page.

Thanks

John
Nov 18 '05 #3

P: n/a
I did it this way:

Change the Web.config only limit the anomymous user and allow all
users.
And in individual page, check the role the user is in and redirect to
the proper page.

-- John
Nov 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.