On Wed, 17 May 2006 18:48:01 -0700, AAOMTim
<AA*****@discussions.microsoft.com> wrote:
Depending on user permissions, I would like to be able to change a redirect
to disallow certain users from going to a bookmarked page for which they
should have no access. Is there a way to modify the redirect in the
<LoginControl>_LoggedIn event?
I think what you are wanting to do is check in the page_load event of
your aspx page. That is, after the authentication has already been
done earlier in the pipeline. What I always do is to check this:
IPrincipal iPrincipal = HttpContext.Current.User;
if (!iPrincipal.Identity.IsAuthenticated)
{
response.redirect...
This way, since I'm looking directly at the cookie I don't have to do
a sql access using Membership.GetUser().
You can also look for roles that are authorized at this point. (that
does take some sql queries though.)
Good luck
Peter Kellner
http://peterkellner.net