473,327 Members | 1,979 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

.NET forms authentication role-based redirection?

Hi there,

Thanks in advanced for any help.

I am new to .NET and am trying to do the following:
Certain paths within the application are public, while certain paths
only are for registered users, and certain paths for administrators.

Using the forms authentication within the web.config file, I can set
certain paths to be locked down to a certain "role". This works fine. A
non-authenticated user hits the url and gets sent to the Login page.

Here's my problem. If a user is already authenticated, but not of the
correct "role", it still redirects them to the Login page. What I would
like is to redirect them to a Permission Denied page (because they are
already logged in, just of a different role).

Any ideas how to do this?

Thanks very much,
Cory

Feb 21 '06 #1
2 1603
ME
I would consider using a Login View control. If the page is displayed by
means of a redirect (maybe examine the Response object to determine this. I
haven't tried it but it should work.) simply add your "permission denied"
message to the "Logged In" view. Add your Anonymous message to the
"Anonymous" view. If the page is NOT a redirect you could display some
other message. A second alternative is to examine their assigned roles and
compare those roles to the resource being sought, then display the
appropriate message. I think a View control would probably work easiest.

Thanks,

Matt

"Cory Lievers" <co**********@gmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
Hi there,

Thanks in advanced for any help.

I am new to .NET and am trying to do the following:
Certain paths within the application are public, while certain paths
only are for registered users, and certain paths for administrators.

Using the forms authentication within the web.config file, I can set
certain paths to be locked down to a certain "role". This works fine. A
non-authenticated user hits the url and gets sent to the Login page.

Here's my problem. If a user is already authenticated, but not of the
correct "role", it still redirects them to the Login page. What I would
like is to redirect them to a Permission Denied page (because they are
already logged in, just of a different role).

Any ideas how to do this?

Thanks very much,
Cory

Feb 22 '06 #2
Thanks for your reply Matt,

I'll try to find some information about this Login View Control.

regards,
Cory

Feb 22 '06 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

11
by: ElmoWatson | last post by:
I tried on the Security newgroup, as well as other places, and haven't gotten an answer yet - - I'm pulling my hair out over this one. I'm trying to get Forms Authentication working.....I can get...
3
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be...
3
by: Martin | last post by:
Dear fellow ASP.NET programmer, I stared using forms authentication and temporarily used a <credentials> tag in web.config. After I got it working I realized this wasn't really practical. I...
5
by: Kenneth Keeley | last post by:
Hi, I have a web app that has forms authentication and I can login to the page the first time I go there but it never times me out if I come back in 24 hours a hit the refresh key the page loads...
0
by: Jurjen de Groot | last post by:
I have build an ASP.NET application and would like to protect various folders containing aspnet pages for various usertypes. /Admin /Manager /User I've created a login on the default.aspx in...
3
by: Mike | last post by:
I have a web application that the forms authentication cookie is not expiring correctly. When I look at the trace information of a newly requested page after the session and forms authentication have...
7
by: mircu | last post by:
Hi, I noticed weird behaviour with the site that is using forms authentication. I am logged to the site from the same machine from two browsers (opened separately, not ctrl-N) as different users...
4
by: David | last post by:
Hi all, I have a problem with Forms Auth. I am not using the protected folder method, rather, I want some parts of the page to be shown depending on the authentication state. Basically, I...
4
by: alexandis | last post by:
There are tons of articles about custom role and provider membership, but they just tear me apart and confuse :( The situation is following: I use DB2, so I wrote custom role + membership...
4
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.